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About This Book 


IBM Transmission Control Protocol/Internet Protocol Version 1.2 for OS/2: Installa- 
tion and Maintenance describes the installation, configuration, and maintenance of 
the IBM Transmission Control Protocol/Internet Protocol for Operating System/2 
(TCP/IP for OS/2°) software on a personal computer (PC). 


Note: In this book, the abbreviation PC refers to personal computer. See “How the 
Term “PC” Is Used” on page xv. The abbreviation OS/2 refers to Operating 
System/2 Standard Edition (OS/2 SE), Version 1.3, Operating System/2 Extended 
Edition (OS/2 EE), Version 1.3, or Operating System/2, Version 2.0. 


Who Should Use This Book 


IBM TCP/IP Version 1.2 for OS/2: Installation and Maintenance is intended for 
network administrators, PC users responsible for installing TCP/IP for OS/2, and 
system programmers. 


If you are installing this product, you should have a working knowledge of computer 
network technology, the operation of the PC, and knowledge of the OS/2 operating 
system. Knowledge of the TCP/IP protocols and standard TCP/IP user applications 
are also helpful. In this book, the term protocol is a set of rules for handling com- 
munication tasks. 


lf you are not familiar with TCP/IP concepts, see /nternetworking With TCP/IP 
Volume |: Principles, Protocols, and Architectures, and Internetworking With TCP/IP 
Volume Il: Implementation and Internals. 


How to Use This Book 


You should read this book when you want to install TCP/IP for OS/2, or when you 
want to set up TCP/IP for OS/2 servers and functions. 


How This Book Is Organized 


Read the beginning section of each chapter to familiarize yourself with the topics 
that you need to know to plan and install this product. 


Chapter 1, “Introducing Computer Networks and Protocols,” describes computer 
networks, an internet environment, and protocols supported by TCP/IP for OS/2. 
Also included in this chapter is an overview of the routing and addressing schemes 
used by TCP/IP for OS/2. 


Chapter 2, “Introducing TCP/IP for Your OS/2 Environment,” describes the hard- 
ware, software, and other considerations needed to install TCP/IP for OS/2. 


Chapter 3, “Installing TCP/IP for OS/2,” provides instructions for automated instal- 
lation of your TCP/IP for OS/2. 


Chapter 4, “Host Name Resolution,” describes the files used for host name resol- 
ution. 


Chapter 5, “Manually Modifying Your TCP/IP Configuration,” provides information 
to customize your TCP/IP system. 
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Chapter 6, “Manually Setting Up the TCP/IP Servers,” describes how to customize 
your TCP/IP servers for the OS/2 environment. 


Chapter 7, “Installing and Customizing Network Management Components,” 
describes how to manually set up the Simple Network Management Protocol 
(SNMP). 


Chapter 8, “Installin the Network File System Client,” describes how to install 
Network File System clients. 


Chapter 9, “Installing the Network File System Server,” describes how to install 
Network File System servers. 


Chapter 10, “Setting Up an X.25 Interface,” describes how to install, configure, and 
use an X.25 interface. 


Chapter 11, “Setting Up a SLIP Line,” describes how to connect to another TCP/IP 
network over a serial line. 


Chapter 12, “Setting Up Your Kerberos System,” describes how to manually con- 
figure, customize, and verify the Kerberos Authentication System for 
TCP/IP for OS/2. 


Chapter 13, “Setting Up the X Window System Server,” describes how to setup and 
use the X Window System _ server. 


Chapter 14, “Boot Protocol (BOOTP),” describes how to use the BOOTPD and 
BOOTP commands. 


Chapter 15, “Security Issues,” provides information concerning security issues in 
TCP/IP for OS/2. 


Appendix A, “Optional Files,” contains optional files that can be created for use by 
TCP/IP for OS/2 applications. 


Appendix B, “Sample SLIP.CMD File,” contains a sample SLIP.CMD file. 


Appendix C, “Sample OS/2 TCP/IP Default Directory Structure,” describes the 
defaults directory structure for the TCP/IP for OS/2 product. 


Appendix D, “Management Information Base (MIB) Objects,” contains a list of the 
variables defined by the Management Information Base (MIB). 


Appendix E, “MIB2.TBL File: MIB-IIl Objects,” contains a sample MIB variable file. 


Appendix F, “Messages and Codes,” provides a list of messages and codes for 
TCP/IP for OS/2. 


Appendix G, “Sample BOOTPTAB File,” contains a sample BOOTPTAB file. 


Appendix H, “Related Protocol Specifications,” provides a list of related protocol 
specifications. 


The book also includes a glossary, a bibliography, and an index. 
For comments and suggestions on /BM TCP/IP Version 1.2 for OS/2: Installation and 


Maintenance, use the Reader’s Comment Form located at the back of this book. Use 
this form to give IBM information that might improve the book. 
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What Is New in This Book 


The following is a list of the differences between this edition and the previous 
edition of this book. 


¢ Chapter 1, “Introducing Computer Networks and Protocols,” has been expanded 
to include the X Window System and X.25. 


¢ Chapter 6, “Manually Setting Up the TCP/IP Servers,” has been expanded to 
include information about the LPR driver and RSHD. 


¢ Chapter 7, “Installing and Customizing Network Management Components,” is 
new. The old Chapter 7 “Obtaining Network Status Information,” has been moved 
to /BM TCP/IP Version 1.2 for OS/2: User’s Guide. 


¢ Chapter 9, “Installing the Network File System Server,” is new. 


Chapter 10, “Setting Up an X.25 Interface,” is new. 


Chapter 13, “Setting Up the X Window System Server,” is new. 
Chapter 14, “Boot Protocol (BOOTP),” is new. 


¢ Appendix D, “Management Information Base (MIB) Objects,” is new. 
Appendix E, “MIB2.TBL File: MIB-II Objects,” is new. 
e Appendix G, “Sample BOOTPTAB File,” is new. 


Appendix H, “Related Protocol Specifications,” is new. 


How the Term “internet” Is Used 


In this book, an internet is a logical collection of networks supported by gateways, 
routers, hosts, and various layers of protocols that permit the network to function as 
a large, virtual network. 


Note: The term internet is used as a generic term for a TCP/IP network, and should 
not be confused with the Internet (note capital 1), which consists of large national 
backbone networks (such as MILNET, NSFNet, and CREN) and a myriad of regional 
and local campus networks all over the world. 


How the Term “PC” Is Used 


In this book, PC refers to a personal computer that can run Operating System/2 
Standard Edition (OS/2 SE), Version 1.3, Operating System/2 Extended Edition 
(OS/2 EE), Version 1.3, or Operating System/2, Version 2.0. 


Coding Conventions Used in This Book 
The following coding conventions are used throughout this book: 


¢ Uppercase letters represent commands and subcommands that you must type 
verbatim. 


¢ Lowercase letters represent values that must be entered in lowercase. 


¢ Lowercase italicized letters represent variable parameters for which you supply 
the values. 


e Square brackets [] enclose optional or conditional values. 


Optional values can be omitted. When certain optional values are omitted, 


a B default values are used. 
oy 


ee 


Conditional values can be omitted, depending on the statement. 


¢ Braces {} enclose values from which you must choose a value. 
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¢ Vertical line symbols | indicate that you must select a value from either side of 
the symbol. 


¢ Periods in numbers separate the whole and the fractional portions of the 
numeral. 


¢ Commands and subcommands appear in bold print within format boxes. 


Note: Upper or lowercase italicized letters can also represent screen selections 
from which you must choose. For example: 


Select Yes to stop the NFS control program. 


How Numbers Are Used in This Book 


In this book, numbers over four digits are represented in metric style. A space is 
used rather than a comma to separate groups of three digits. For example, the 
number sixteen thousand, one hundred forty-seven is written 16 147. 


Where to Find More Information 


The following is a list of related publications that you might want to read for more 
information about TCP/IP for OS/2. 


IBM TCP/IP Tutorial and Technical Overview 

Internetworking With TCP/IP Volume I: Principles, Protocols, and Architectures 
Internetworking With TCP/IP Volume I/: Implementation and Internals 

IBM Operating System/2 System Administrator’s Guide for Communications 
Introducing IBM’s TCP/IP Products for OS/2, VM, and MVS 

IBM TCP/IP Version 1.2 for OS/2: Programmer’s Reference 

IBM TCP/IP Version 1.2 for OS/2: User’s Guide 

¢ [BM TCP/IP Version 1.2 for OS/2: Quick Reference Guide. 


For more information about related publications, see the “Bibliography” at the back 
of this book. 
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Chapter 1. Introducing Computer Networks and Protocols 


This chapter introduces the concepts of computer networks and an internet environ- 
ment. The protocols used by TCP/IP are listed by layer, and then described. 
Routing and addressing guidelines are also described. 


Computer Networks 


A computer network is a group of connected nodes that are used for data communi- 
cation. A computer network configuration consists of data processing devices, soft- 
ware, and transmission media that are linked for information interchange. 


Nodes are the functional units, located at the points of connection among the data 
circuits. A node, or end point, can be a host computer, a communication controller, 
a cluster controller, a video display terminal, or another peripheral device. 


Computer networks can be local area networks (LANs), which provide direct com- 
munication among data stations on the user's local premises, or wide area networks 
(WANs), which provide communication services to a geographic area larger than 
that served by aLAN. Typically, WANs operate at a slower rate of speed than LANs. 


Different types of networks provide different functions. Network configurations vary, 
depending on the functions required by the organization. Different organizations 
implement different types of networks. The technology used by these networks 
varies not only from organization to organization, but often varies within the same 
company. 


Networks can differ at any or all layers. At the physical layer, networks can run 
over various network interfaces, such as token ring, Ethernet , PC Network, X.25, 
and serial line. Networks can also vary as to the architectures they use to imple- 
ment network strategies. Some of the more common architectures used today are 
OSI, TCP/IP, SNA, and ISDN. Networks use different protocols to communicate over 
the different physical interfaces available. In addition to these differences, networks 
can all use different software packages to implement various functions. 


To exchange information among these different networks, the concept of an internet 
emerged. 


Internet Environment 


An internet is a logical collection of networks supported by gateways, routers, 
bridges, hosts, and various layers of protocols. An internet permits different phys- 
ical networks to function as a single, large virtual network, and permits dissimilar 
computers to communicate with each other, regardless of their physical con- 
nections. Processes within gateways, routers, and hosts originate and receive 
packet information. Protocols specify a set of rules and formats required to 
exchange these packets of information. 


| 
\ 


a. 
\ 
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Protocols are used to accomplish different tasks in TCP/IP software. To understand 
TCP/IP, you should be familiar with the following terms and relationships. 


A client is a computer or process that requests services on the network. A server is 
a computer or process that responds to a request for service from a client. A user 
accesses a service, which allows the use of data or some other resource. 


A datagram is the basic unit of information, consisting of one or more data packets 
that are passed across an internet at the transport level. 


A gateway is a functional unit that connects two computer networks of different 
network architectures. A router is a device that connects networks at the ISO 
Network Layer. A router is protocol-dependent and connects only networks oper- 
ating the same protocol. Routers do more than transmit data; they also select the 
best transmission paths and optimum sizes for packets. A bridge is a router that 
connects two or more networks and forwards packets among them. The operations 
carried out by a bridge are done at the physical layer and are transparent to TCP/IP 
and TCP/IP routing. 


A host is a computer, connected to a network, which provides an access point to that 
network. A host can be a client, a server, or a client and server simultaneously. In 
a communication network, computers are both the sources and destinations of the 
packets. The local host is the computer to which a user's terminal is directly con- 
nected without the use of an internet, for example, a PC running TCP/IP. A foreign 
host is any host on the network including the local host. A remote host is any 
foreign host not including the local host. A host is identified by its internet address. 


An internet address is a unique 32-bit address identifying each node in an internet. 
An internet address consists of a network number and a local address. Internet 
addresses are represented in dotted-decimal notation and are used to route packets 
through the network. 


Mapping relates internet addresses to physical hardware addresses in the network. 
For example, the Address Resolution Protocol (ARP) is used to map internet 
addresses to token ring or Ethernet physical hardware addresses. 


A network is the combination of two or more nodes and the connecting branches 
among them. A physical network is the hardware that makes up a network. A 
logical network is the absiract organization overlaid on one or more physical net- 
works. An internet is an example of a logical network. 


Packet refers to the unit or block of data of one transaction between a host and its 
network. A packet usually contains a network header, at least one high-level pro- 
tocol header, and data blocks. Generally, the format of the data blocks does not 
affect how packets are handled. Packets are the exchange medium used at the 
internetwork layer to send and receive data through the network. 


A port is an end point for communication between applications, generally referring 
to a logical connection. A port provides queues for sending and receiving data. 
Each port has a port number for identification. When the port number is combined 
with an internet address, a socket address results. 


Protocol refers to a set of rules for achieving communication on a network. 
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TCP/IP Protocols and Functions 


This section categorizes the TCP/IP protocols and functions by their functional group 


(network layer, internetwork layer, transport layer, and application layer). 


Figure 1 


shows the relationship of these protocols and functions within the TCP/IP layered 


architecture for OS/2. 
e Network Layer 


— X.25 Protocol 


— Serial Line Internet Protocol (SLIP) 


Internetwork Layer 


— Internet Protocol (IP) 


— internet Control Message ProtGcai ( 
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— Routing Information Protocol (RIP) 
— Address Resolution Protocol (ARP) 


Transport Layer 


— Transmission Controi Protocol (TCP) 
— User Datagram Protocol (UDP) 


¢ Application Layer 


— Telnet 


— File Transfer Protocol (FTP) 

— Trivial File Transfer Protocol (TFTP) 

— Simple Mail Transfer Protocol (SMTP) 

— Domain Name System (DNS) 

— Simple Network Management Protocol (SNMP) 
— Kerberos Authentication System 

— Remote Printing (LPR and LPD) 


— Talk 
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— Remote Execution Protocol (REXEC) 
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Figure 1. The TCP/IP Layered Architecture 


IEEE 802.3, 






Application 


Transport 


| Inter- 
RIP } ARP inetwork 


Physical 
Network 


UDP 


IBM PC Network, X.25, Serial Line 


Chapter 1. Introducing Computer Networks and Protocols 5 


Network Protocols 


This section describes the protocols that compose the network layer available in 
TCP/IP for OS/2. Network protocols define how data is transported over a physical 
network. These network protocols are not defined by TCP/IP. After a TCP/IP packet 
is created, the network protocol adds a transport dependent network header before 
the packet is sent out onto the network. 


X.25 Protocol 


You can use an X.25 network to establish a TCP/IP connection between two hosts. 
X.25, recommended as a communication interface standard by the International 
Telegraph and Telephone Consultative Commitee (CCITT), defines the interface 
between Data Terminal Equipment (DTE) and Data Circuit-Terminating Equipment 
(DCE). A DTE is a computer or workstation connected to a network. A DCE is the 
equipment at the point of the connection to the network, such as a modem. 


For more information about TCP/IP over X.25, see RFC 877. 


Serial Line Internet Protocol (SLIP) 


In TCP/IP for OS/2, the Serial Line Internet Protocol (SLIP) allows you to set up a 
point-to-point connection between two TCP/IP hosts over a serial line; for example, 
a serial cable or an RS-232 connection into a modem and over a telephone line. 
You can use SLIP to access a remote TCP/IP network from your local host, or to 
route datagrams between two TCP/IP networks. 


For more information about SLIP, see RFC 1055. 


Internetwork Protocols 


Protocols in the internetwork layer provide connection services for TCP/IP. These 
protocols connect physical networks and transport protocols. This section describes 
the internetwork protocols in TCP/IP. 


For more information about TCP/IP in general, see Request For Comments (RFCs) 
1118, 1180, 1206, 1207, and 1208. See Appendix H, “Related Protocol 
Specifications” for a list of other related RFCs. 


Internet Protocol (IP) 


Internet Protocol (IP) provides the interface from the transport level (host-to-host, 
TCP or UDP) protocols to the physical-level protocols. IP is the basic transport 
mechanism for routing IP packets to the next gateway, router, or destination host. 


IP provides the means to transmit blocks of data (or packets) from sources to desti- 
nations. Sources and destinations are hosts identified by internet addresses. Out- 
going packets automatically have an IP header prefixed to them, and incoming 
packets have their IP header removed before being sent to the higher-level proto- 
cols. This protocol provides the universal addressing of hosts in an internet 
network. . 
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IP does not ensure a reliable communication, because it does not require acknowl- 
edgments from the sending host, the receiving host, or intermediate hosts. IP does 
not provide error control for data; it provides only a header checksum. IP treats 
each packet as an independent entity unrelated to any other packet. IP does not 
perform retransmissions or flow control. A higher-level protocol that uses IP must 
implement its own reliability procedures. 


For more information about IP, see RFC 791. 


Internet Control Message Protocol (ICMP) 


Internet Control Message Protocol (ICMP) passes control messages between gate- 
ways, routers, and hosts. For example, ICMP messages can be sent in any of the 
following situations: 


¢ When a host checks to see if another host is available (PING). 

e When a packet cannot reach its destination. 

e When a gateway or router can direct a host to send traffic on a shorter route. 
e When a host requests a netmask or a time stamp. 

e When a gateway or router does not have the buffering capacity to forward a 


packet. 


ICMP provides feedback about problems in the communication environment; it does 
not make IP reliable. ICMP does not guarantee that an IP packet will be delivered 
reliably or that an ICMP message will be returned to the source host when an IP 
packet is not delivered or is incorrectly delivered. 


For more information about ICMP, see RFC 792. 


Routing Information Protocol (RIP) 


Routing Information Protocol (RIP) is used by gateways, routers, and hosts to 
exchange routing information. This information can be used to maintain routing 
table entries. 


For more information about RIP, see RFC 1058. 


Address Resolution Protocol (ARP) 


Address Resolution Protocol (ARP) maps internet addresses to hardware 
addresses. TCP/IP uses ARP to collect and distribute the information for mapping 
tables. 


ARP is not directly available to users cr applications. When an application sends an 
internet packet, IP requests the appropriate address mapping. If the mapping is not 
in the mapping table, an ARP broadcast packet is sent to all the hosts on the 
network requesting the physical hardware address for the host. 


For more information about ARP, see RFC 826. 
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Transport Protocols 


The transport layer of TCP/IP consists of transport protocols, which allow communi- 
cation between application programs. This section describes the transport proto- 
cols in TCP/IP. 


Transmission Control Protocol (TCP) 


The Transmission Control Protocol (TCP) provides a reliable vehicle for delivering 
packets between hosts on an internet. TCP takes a stream of data, breaks it into 
datagrams, sends each one individually using IP, and reassembles the datagrams at 
the destination node. If any datagrams are lost or damaged during transmission, 
TCP detects this fact and resends the missing datagrams. The received data stream 
is a reliable copy of the transmitted data stream. 


TCP is designed to guarantee that data is not damaged, lost, duplicated, or deliv- 
ered out of order. The receiving process has control over the rate at which it 
receives the data. 


For more information about TCP, see RFC 793. 


User Datagram Protocol (UDP) 


User Datagram Protocol (UDP) provides an unreliable mode of communication 
between source and destination hosts. UDP is built upon the service of the IP pro- 
tocol in the internetwork layer. UDP provides a procedure for application programs 
to send data to other programs with a minimum of protocol overhead. 


Like IP, UDP does not offer reliable datagram delivery or duplication protection. 
UDP does provide checksums for both the header and data portions of a datagram. 
However, applications that require reliable delivery of streams of data should use 
TCP. 


For more information about UDP, see RFC 768. 


Applications, Functions, and Protocols 


Telnet Protocol 


Applications are provided with TCP/IP for OS/2 that allow users to use network ser- 
vices. These applications are included in the application layer of TCP/IP. The appli- 
cation layer is built upon the services of the transport layer. This section describes 
the applications, functions, and protocols in TCP/IP. 


Telnet Protocol provides a standard method to interface terminal devices and 
terminal-oriented processes with each other. Telnet is built upon the services of 
TCP in the transport layer. Telnet provides duplex communication and sends data 
either as ASCII characters or as binary data. 


Telnet is commonly used to establish a logon session on a foreign host. Telnet can 
also be used for terminal-to-terminal communication and interprocess communi- 
cation. 


For more information about the Telnet Protocol, see RFCs 854, 856, 857, 885, and 
1091. 
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File Transfer Protocol (FTP) 


File Transfer Protocol (FTP) makes it possible to transfer data between local and 
foreign hosts or between two foreign hosts. FTP is built upon the services of TCP in 
the transport layer. FTP transfers files as either ASCII characters or as binary data. 
ASCII characters are used to transfer files that contain text characters. 


FTP provides functions such as listing remote directories, changing the current 
remote directory, creating and removing remote directories, and transferring one or 
more files in a single request. Security is handled by passing user and account 
passwords to the foreign hosts. 


For more information about FTP, see RFC 959. 


Trivial File Transfer Protocol (TFTP) 


Trivial File Transfer Protocol (TFTP) is designed only to read and write files to and 
from a foreign host. TFTP is built upon the services of UDP in the transport layer. 
TFTP allows you to limit drive and directory access. 


TFTP, like FTP, can transfer files as either ASCII characters or as binary data. 
However, unlike FTP, TFTP cannot be used to list or change directories at a foreign 
host, and it has no provisions for user authentication. 


For more information about TFTP, see RFC 783. 


Simple Mail Transfer Protocol (SMTP) 


Simple Mail Transfer Protocol (SMTP) is an electronic mail protocol with both client 
(sender) and server (receiver) functions. 


SMTP is implemented with the Sendmail program in an OS/2 environment. You do 
not interface directly with SMTP. Instead, electronic mail software is used to create 
mail, which in turn uses SMTP to send the mail to its destination. 


For more information about SMTP, see RFCs 821, 822, and 974. 


Domain Name System (DNS) 


Domain Name System (DNS) uses a hierarchical-naming system for naming hosts. 
Each host name is composed of domain labels separated by periods. Local network 
administrators have the authority to name local domains within an internet. Each 
label represents an increasingly higher domain Jevel within an internet. The fully 
qualified domain name of a host connected to one of the larger internets generally 
has one or more subdomains. For example: 


host.subdomain. subdomain. rootdomain 
or 
host.subdomain. rootdomain 


Domain names often reflect the hierarchy level used by network administrators to 
assign domain names. For example, the domain name eng.mit.edu is the lowest 
level domain name, which is a subdomain of mit.edu. The subdomain mit.edu is a 
subdomain of edu. 


Figure 2 on page 10 is an example of the DNS used in the hierarchy naming struc- 
ture across an internet. 
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Figure 2. Hierarchical Tree 


You can refer to hosts in your domain by host name only; however, a name server 
requires a fully qualified domain name. The local resolver combines the host name 
with the domain name before sending the address resolution request to the domain 
name server. 


TCP/IP for OS/2 uses the local resolver functions of a local name resolution file. 
This file, called HOSTS, resides in the ETC directory and contains entries that allow 
you to map symbolic names to internet addresses. If a RESOLV file exists in the 
ETC directory, the resolver sends the request to the foreign name server before 
using the local HOSTS file. 


When using the HOSTS file on a small internet, it is not necessary to use the 
hierarchical-naming system used by the larger internets. The following example is 
a token ring network of three users and their entries in the HOSTS file. 


129.5.24.1 Hostl vjsPC PC1 mathdept 
129.5.24.3 PC3 normasPC Host3 # This is Norma's PC 
129.5.24.4 PC4 budsPC 


A carriage return must be entered at the end of each line. 


In this example, each time the user enters the host_name of Host1 or the aliases 
vjsPC, PC1, or mathdept, the local name resolver translates it to the internet address 
of 129.5.24.1. For more information about the format of network addresses, see 
“Network Address Format” on page 14. 


For more information about DNS, see RFCs 1034 and 1035. 


IBM TCP/IP Version 1.2 for OS/2: Installation and Maintenance 


Simple Network Management Protocol (SNMP) 


Simple Network Management Protocol (SNMP) provides a means for managing an 
internet environment. SNMP allows network management by elements, such as 
gateways, routers, and hosts. Network elements act as servers and contain man- 
agement agents, which perform the management functions requested. Network 
management stations act as clients; they run the management applications, which 
monitor and control the network. SNMP provides a means of communicating 
between these elements and stations to send and receive information about network 
resources. 


For more information about SNMP, see RFCs 1155, 1157, 1187, and 1213. 


Kerberos Authentication System 


The Kerberos Authentication System provides additional security by allowing 
authorization checking at the user level rather than at the node level. This system 
allows client and server pairs to verify that the partner is authorized to participate in 
the function being performed. 


For more information about Kerberos, see the MIT papers “Kerberos: An 
Authentication Service for Open Networks” and “Kerberos Authentication and 
Authorization System.” 


Remote Printing (LPR and LPD) 


Talk 


TCP/IP for OS/2 provides both client and server support for remote printing. This 
application allows you to spool files remotely to a line printer daemon (LPD). The 
line printer client (LPR) sends the file to be printed to a specified print server host 
and to a specified printer. 


For more information about LPR and LPD, see RFC 1179. 


Talk allows you to send interactive messages, as opposed to the batch mail capabil- 
ities of SMTP. When a local host sends a Talk request to a foreign host, the user on 
the foreign host is notified that there is a connection request. Tne user on the 
foreign host must respond with a Talk message to the local host. Message 
exchange can then occur between the local and foreign hosts. 


Finger Protocol (FINGER) 


RouteD 


The Finger Protocol (FINGER) provides an interface for querying the current status 
of a remote host or a user ID on a remote host. FINGER uses TCP as the underlying 
protocol. 


For more information about FINGER, see RFC 1196. 


RouteD uses the Routing Information Protocol (RIP) to dynamically create and main- 
tain network routing tables. The RIP protocol arranges to have gateways and 
routers periodically broadcast their routing tables to neighbors. Using this informa- 
tion, a RouteD server can update a host’s routing tables. For example, RouteD 
determines if a new route has been created, if a route is temporarily unavailable, or 
ifa more efficient route exists. 


For more information about RouteD, see RFC 1058. 
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X Window System 


The X Window System Protocol is designed to support network transparent win- 
dowing and graphics. TCP/IP for OS/2 provides server support to X Window System 
client applications. 


For more information about X Window System, see RFC 1013. 


File Transfer Protocol Application Programming Interface (FTP API) 


The File Transfer Protocol (FTP) Application Programming Interface (API) allows 
applications to have a client interface for file transfer. Applications written to this 
interface can communicate with multiple FTP servers at the same time. A maximum 
of 256 simultaneous connections are supported. The interface also allows 
third-party transfers between pairs of FTP servers. Consecutive third-party proxy 
transfers are allowed between any sequence of pairs of FTP servers. 


The API tracks the servers to which an application is currently connected. When a 
new request for FTP service is requested, API checks whether there is a connection 
to the server. If the connection does not exist, it is established. If the server has 
dropped the connection since last use, it is reestablished. 


FTP API provides functions, such as listing remote directories, changing the current 
remote directory, creating and removing remote directories, and transferring one or 
more files in a single request. Security is handled by passing user and account 
passwords to the foreign hosts. 


For more information about FTP, see RFC 959. 


Remote Procedure Call (RPC) 


The Remote Procedure Call Protocol (RPC) is a programming interface that allows 
programs to execute subroutines on a foreign host. RPCs are high-level program 
calls, which can be used in place of the lower-level calls that are based on sockets. 


For more information about RPC, see RFC 1057. 


Network File System (NFS) 


The Network File System (NFS) allows you to manipulate files on remote TCP/IP 
hosts as if they reside on your local host. NFS is based on the NFS protocol, and 
uses the Remote Procedure Call (RPC) protocol to communicate between the client 
and the server. The files to be accessed reside on the server host, and are made 
available to the user on the client host. 


NFS supports a hierarchical file structure. The directory and subdirectory structure 
can be different for individual client systems. 


For more information about NFS, see RFC 1094. 


Remote Execution Protocol (REXEC) 


Remote Execution Protocol allows you to execute a command on a foreign host and 
receive the results on the local host. Remote Execution Protocol provides automatic 
logon and user authentication depending on the parameters set by the user. 
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Network Computing System (NCS) 


Network Computing System (NCS) is a programmer tool kit that allows program- 
mers to distribute processing power to other hosts. NCS is similar to RPC in that it 
allows a higher level of program calls. TCP/IP provides a programming interface to 
NCS. 


For more information about NCS, see Network Computing System (NCS) Reference. 


Socket Interfaces 


Routing 


Socket interfaces allow users to write their own applications to supplement those 
supplied by TCP/IP for OS/2. Most of these additional applications communicate 
with either TCP or UDP. Some applications are written to communicate directly with 
iP. fo write applications that use the socket interfaces of TOP/IP tor OS/Z, you must 
be able to compile and link the programs using the Microsoft C compiler, Version 
6.00A. 


Sockets are duplex, which means that data can be transmitted and received simul- 
taneously. Sockets allow you to send to, and receive from, the socket as if you are 
writing to and reading from any other network device. 


The routing functions in an internet are performed at the internetwork layer. 
Routing is the process of deciding where to send a packet based on its destination 
address. Two kinds of routing are involved in communications within an internet: 
direct and indirect. 


Direct routing is used when the source and destination nodes are on the same 
logical network within an internet. The source node maps the destination internet 
address into a hardware address and sends packets to the destination node using 
this address. This mapping is normally performed through a translation table. Ifa 
match cannot be found for a destination internet address, ARP is invoked to deter- 
mine this address. 


Indirect routing is used when the source and destination nodes are on different 
logical networks within an internet. The source node sends packets to a gateway or 
router on the same network using direct routing. From there, the packets are for- 
warded through intermediate gateways or routers, as required, until they arrive at 
the destination network. Direct routing is then used to forward the packets to the 
destination host on that network. Each gateway, router, and host in an internet has 
a routing table that defines the address of the next gateway to other networks (as 
well as other nodes on other networks) in an internet. 


Internet Addressing 


Each internet host is assigned at least one unique internet address. This address is 
used by the IP and other higher-level protocols. When gateway hosts are used, 
more than one address may be required. Each interface to an internet is assigned 
its own unique address. Internet addresses are used to route packets through the 
network. 
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Addresses within an internet consist of a network number and a local address. A 

unique network number is assigned to each network when it connects to another fo 
internet. If a local network is not going to connect to other internets, any convenient QO 
network number is assigned. Some networks are divided into subnets. For informa- 

tion about subnetting, see “Subnetwork Address Format” on page 15. 


Hosts that exchange packets on the same physical network should have the same 
network number. Hosts on different physical networks might also have the same 
network number. If hosts have the same network number, part of the local address 
is used as a subnetwork number. All host interfaces to the same physical network 
are given the same subnetwork number. 


An internet can provide standards for assigning addresses to networks, broadcasts, 
and subnetworks. Examples of these standard formats are described in the fol- 
lowing sections. 


Network Address Format 
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A standard internet address uses a two-part, 32-bit address field. The first part of 
the address field contains the network address; the second part contains the local 
address. The four different types of address fields are classified as A, B, C, or D, 
depending on the bit allocation. 


Figure 3 represents a class A address. Class A addresses have a 7-bit network 
number and a 24-bit local address, with the highest order bit set to 0. 


1 2 3 
01234567; 89012345167890123;,45678901 we 
fo] Network Local Address NG. 2 


Figure 3. Class A Address 





Figure 4 represents a class B address. Class B addresses have a 14-bit network 
number and a 16-bit local address with the highest order bits set to 10. 


1 2 3 
01234567;89012345;67890123;)45678901 


Figure 4. Class B Address 





Figure 5 represents a class C address. Class C addresses have a 21-bit network 
number and an 8-bit local address with the three highest order bits set to 110. 


1 2 3 
01234567/;89012345;67890123;45678901 





Figure 5. Class C Address. 


Figure 6 represents a class D address. Class D networks have a multicast address 
that is sent to selected hosts on the network. The four highest order bits are set to 
1110. 


1 2 3 
01234567|89012345|,67890123;45678901 
111090 Multicast Address 


Figure 6. Class D Address 










Note: Class D addresses are not supported in TCP/IP for OS/2. 

A commonly used notation for internet host addresses is the dotted-decimal, which 
divides the 32-bit address into four 8-bit fleids. The value of each field ts specified 
as a decimal number, and the fields are separated by periods (for example, 
010.002.000.052 or 10.2.0.52). 


Address examples in this book use dotted-decimal notation in the following forms: 


Class A nnn LAA 
Class B nnan.nnn. Ll 
Class C nnn.nnn.nnn. lll 


where nnn represents part or all of a network number and /// represents part or all 
of a local address. 


Broadcast Address Format 
TCP/IP uses IP broadcasting to send datagrams to all the TCP/IP hosts on a network 
or subnetwork. A datagram sent to the broadcast address is received by all the 
hosts on the network and processed as if the datagram was sent directly to the 
host’s IP address. The IP broadcast address is formed by setting all the host bits to 
ones. 


For more information about IP broadcasting, see RFCs 919 and 922. 


Subnetwork Address Format 


The subnetwork capability of TCP/IP divides a single network into multiple logical 
networks (subnets). For instance, an organization can have a single internet 
network address that is known to users outside the organization, yet configure its 
internal network into different departmental subnets. Subnetwork addresses 
enhance local routing capabilities, while reducing the number of network numbers 
required. 


For a subnet, the local address part of an internet address is divided into a subnet 
number and a host number, for example: 


network_number subnet_number host_number 


where: 

network_number Is the network portion of the internet address. 
subnet_number Is a field of a constant width for a given network. 
host_number Is a field that is at least 1-bit wide. 
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If the width of the subnet_number field is 0, the network is not organized into 
subnets, and addressing to the network is done with an internet network address 
(network_number). 


Figure 7 represents a class B address with a 6-bit subnet field. 


1 2 3 
01234567; 89012345;67890123;45678901 


Figure 7. Class B Address with Subnet 





The bits that identify the subnet are specified by a bit mask. A bit mask is a pattern 
of binary digits used to assign subnet addresses. The subnet bits are not required 
to be adjacent in the address. However, the subnet bits generally are contiguous 
and located as the most significant bits of the local address. 


For more information about Subnetwork Address Format, see RFC 950. 
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Chapter 2. Introducing TCP/IP for Your OS/2 Environment 


This chapter contains an introduction to TCP/IP for OS/2. Additional background 
information can be found in /ntroducing IBM’s TCP/IP Products for OS/2, VM, and 
MVS. 


This chapter also describes the hardware and software requirements for installing 
TCP/IP for OS/2. 


Overview of TCP/IP for OS/2 


TOP/iIP for OS/2 aiiows PCs running OS/2 io attach io networks running TOP/IP. 
With TCP/IP for OS/2 your PC can be used as a stand-alone PC, yet access and 
provide services on a network. 


Multitasking 


TCP/IP for OS/2 uses the multitasking feature in OS/2. Multitasking allows you to 
work on two or more applications at the same time. This means TCP/IP clients and 
servers Can run as background tasks in the TCP/IP for OS/2 environment; enabling 
clients and servers to send and receive, or to request and service several functions 
at the same time. 


You should not run TCP/IP for OS/2 servers as detached processes. Because 
detached processes do not process output calls to your PC, you do not receive any 
messages from the servers. 


Clients and Servers 


TCP/IP for OS/2 clients and servers are programs started by you. Clients request 
services on the network. Servers respond to requests for service from clients. 


Hosts and Routers 


When you install TCP/IP for OS/2, you can configure your PC as a host or router, or 
both. If you install a second network adapter board to connect to another network, 
you can configure your PC as a router. If you configure your PC to handle both func- 
tions, you may require additional memory to provide both packet routing and 
network services efficiently. If you configure your PC as a router, your performance 
could also be affected. 


System Requirements 


This section describes the hardware and software environments that are required 
for TCP/IP for OS/2. 


Hardware Environment 
TCP/IP for OS/2 requires the following hardware. 


¢ Computer Models 


Any PC, with the appropriate fixed disk and memory that OS/2 SE 1.3, OS/2 EE 
1.3, or OS/2 2.0 supports is also supported by TCP/IP for OS/2. 


Note: To use an X.25 interface with TCP/IP for OS/2, you need at least a PS/2 
Model 50 (micro channel) or higher. 
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¢ Computer Accessories 
You require the following accessories to install TCP/IP for OS/2: 


— A 3.5-inch or 5.25-inch diskette drive 

— Acolor or monochrome monitor 

— A keyboard (IBM PC AT or Enhanced) 

— A mouse (optional) 

— AHayes AT-compatible modem (optional) 


Network Adapters 


TCP/IP for OS/2 conforms to the Network Driver Interface Specification (NDIS**) 
and has been tested with the following network adapters. 


— IBM PC Network Adapter II 

— IBM PC Network Adapter II/A 

— IBM PS/2 Adapter/A for Ethernet 

— {BM Token Ring Network Adapter 

— IBM Token Ring Network Adapter Il 

— IBM Token Ring Network Adapter/A 

— IBM Token Ring Network 16/4 Adapter 

— IBM Token Ring Network 16/4 Adapter/A 
— 3Com Etherlink Il Adapter 

— 3Com Etherlink/MC Adapter 

— Western Digital Ethercard PLUS Adapter 
— Western Digital Ethercard PLUS/A Adapter 
— Ungerman-Bass NlUpc Adapter 

— Ungerman-Bass NlUps Adapter 


To run X.25, you need the following network adapter: 
— IBM X.25 Interface Coprocessor/2 
¢ Network Communication Media 


TCP/IP for OS/2 accommodates several kinds of media. Set up your network 
communication media using one or more of the following network communi- 
cation devices: 


— IBM PC Network LAN 
— IBM Token Ring LAN 
— Ethernet LAN 

— Serial Line 

— X.25 Link 


Once the LANs are in place, you can interconnect them with gateways to form an 
internet. If a serial line is used, the following line speeds are supported: 


— 1200 bps 
— 2400 bps 
— 4800 bps 
— 9600 bps 
— 19 200 bps. 


Note: All line speeds are given in bits per second. 


‘A * 
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Software Environment 


TCP/IP for OS/2 requires OS/2 SE, Version 1.3, OS/2 EE, Version 1.3, or OS/2, 
Version 2.0 installed on your PC. TCP/IP for OS/2 using an X.25 network requires 
OS/2 EE 1.3 and Communications Manager installed on your PC. 


To install TCP/IP for OS/2, you should know how to create and edit files, and manip- 
ulate directories on your fixed disk using OS/2. You should be familiar with the 
OS/2 Presentation Manager . You should also be familiar with the OS/2 Communi- 
cations Manager to use the X.25 network. 


lf you plan to write your own applications, which use the programming interfaces of 


TCP/IP for OS/2, or modify the source code provided, you need the Microsoft C com- 
piler, Version 6.00A. 
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Chapter 3. Installing TCP/IP for OS/2 


This chapter contains information necessary to install TCP/IP for OS/2 on your PC. 


System Requirements 


Installation 


Starting ICAT 


You must have Operating System/2 SE, Version 1.3, Operating System/2 EE, Version 
1.3, or Operating System/2, Version 2.0, and at least one network adapter or modem 
installed on your PC. For additional information about the required hardware and 
software environments, see Chapter 2, “Introducing TCP/IP for Your OS/2 
Environment.” 


The steps you should follow during installation depend on the following: 
e The operation of your PC as a host or router 
¢ Your network communication media 


e The models of network adapters and the number of network connections planned 
for your PC. 


The Installation and Configuration Automation Tool (ICAT) program is used for auto- 
mated installation. ICAT is contained on a diskette that is a part of your TCP/IP for 
OS/2 base product. 


During the installation process, ICAT prompts you for all the information you need to 
get TCP/IP for OS/2 running on your PC. 


ICAT is a Presentation Manager application that uses standard input and output con- 
ventions. If at any time you need further assistance to understand a data entry field, 
place the cursor on the field, and press the | key. To get help on the current 
screen, press the ‘FL key, or click on the F1=Help selection available at the 
bottom of each ICAT screen. 








The following steps describe how to start the ICAT program. 


1. Insert the diskette labeled “TCP/IP Version 1.2 for OS/2, diskette B-1” into drive 
A. 





2. Type A: ICAT at an OS/2 command prompt, and press the 


The “TCP/IP - ICAT” introduction window is displayed. 
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=| a TCPAP - ICAT | L:| 


Fl=Help 
(FR) 


Transmission Control! Protocol/iInternet Protocol 
Version 1.2 
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Installation and Configuration Automation Tool 
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Figure 8. TCP/IP - ICAT 


The following button selections are displayed at the bottom of the window. 
Selection Description 


Read Me Displays additional product release information. It is important that 
you review the Read Me information before installing or configuring 
the TCP/IP for OS/2 product. 


Install Displays the “TCP/IP Installation Tool” window. 
Configure Displays the “TCP/IP Configuration Tool” window. 
Exit Exits you from the ICAT program. 


To install your TCP/IP for OS/2 programs, select /nstall. 


Installing TCP/IP 
If you are replacing an existing installation of TCP/IP for OS/2 with Version 1.2, 
follow the procedures described in “Removing TCP/IP for OS/2” on page 40 to 
remove the earlier installation, before proceeding with your installation. 


The following is an example of the “TCP/IP Installation Tool” window that is dis- 
played as a result of selecting /nstal// from the “TCP/IP - ICAT” introduction window. 
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TCPiIP - ICAT 


TCPAP Installation Tool 


Transmission Control Protocol/Internet Protocol 
for Operating System/2 
Installation Tool 
select the options to be installed 
(4.96 MBytes) [l‘Base Product 
(0.41 MBytes] Network File System 
(5.62 MBytes) [eX Window System Server 
(0.13 MBytes] Edx.25 Interface Software 
(3.20 MBytes] Programming Libraries 
[/.42 MBytes] source Code 


Base directory for the installation: 


Figure 9. TCP/IP Installation Tool 


The following options are displayed. 
Option Description 


Base Product The executable modules that are needed to run TCP/IP 
and the TCP/IP for OS/2 clients and servers. 


Network File System The executable modules that are needed to run the 
Network File System Client and Server. 


X Window System Server The executable modules that are needed to run the 
X Window System Server. 


X.25 Interface Software The executable modules that are needed to run TCP/IP 
for OS/2 over an X.25 interface. 


Programming Libraries The libraries and header files for each of the TCP/IP 
application programming interfaces. 


TCP/IP Source Code The source code to customize or change the TCP/IP for 
OS/2 products. 


Note: These products are purchased as a total package or individually. The sizes 
of the products shown in Figure 9 may have changed since the printing of this 
manual. 


The default base directory for the installation is C:\TCPIP. To chan the name of 
the base directory for the installation of TCP/IP for OS/2, use your | key to scroll 
to the “Base directory for the installation” field, and type the name of the directory. 





When you use the “TCP/IP Configuration Tool” window, you are requested to enter 
the name of the base directory where you installed TCP/IP. Keep a record of the 
name you have chosen for the base directory. 
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Press the | key to move from the base directory field to the buttons at the 
bottom of the window. 


The following button selections are displayed at the bottom of the window. 


Selection Description 
Install Executes the installation process for the products that you selected. 
Cancel Returns you to the “TCP/IP - ICAT” introduction window without 


installing any of the selected products. 


F1=Help Provides help information. 


If you choose the /nsta// selection, you are prompted to insert the required diskettes 
into drive A. If you are installing a product that requires CONFIG.SYS changes, 
ICAT asks you if you want to update your CONFIG.SYS after the diskettes have been 
copied. Upon completion of the automated installation process, a message is dis- 
played, verifying a successful installation. 


The “TCP/IP - ICAT” introduction window is redisplayed. 


If a message is displayed stating that installation was not successful, repeat the 
installation process and correct any errors that are indicated during the process. 


The TCP/IP for OS/2 programs are installed, by default, into the C:\TCPIP subdirec- 
tory. For example, the TCPIP.LIB file resides in the directory path C:\TCPIP\LIB and 
contains the programming interface libraries of TCP/IP for OS/2. For more informa- 
tion about the default directory structure, see Appendix C, “Sample OS/2 TCP/IP 
Default Directory Structure.” 
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You must have certain information available before configuring your system. 
Review the ICAT program documentation provided in the following sections of this 
chapter to determine the information that you need for your specific network config- 
uration. 


You are now ready to configure your TCP/IP software. 
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Configuring TCP/IP 


The following is an example of the “TCP/IP Configuration Tool” window that is dis- 
played as a result of selecting Configure from the “TCP/IP - ICAT” introduction 


window. 


TCPAP - ICAT 


TCPIIP Configuration Tool 


Transmission Control Protocol/Internet Protocol! 


Base directory where the 
product is installed: 


for Operating System/2 


Configuration Menu 


CATCPIP 


notions that you wantto configure 
. Network Interface Parameters 
. & 25 Interface Parameters 
. SLIP Interface Parameters 
. Automatic Starting of Services 


. Configure Services 
- Routing Information 





Figure 10. TCP/IP Configuration Tool 


At the top of the window in the “Base directory where the product is installed” field, 
type the name of the installation directory that you specified in the “TCP/IP Instaila- 


tion Tool” window. 


The following configuration selections are displayed. 


Selection 


Network Interface Parameters 


X.25 Interface Parameters 


SLIP Interface Parameters 


Automatic Starting of Services 


Configure Services 


Routing Information 


Description 


Displays the “Configure Network Interface Param- 
eters” window. 


Displays the “Configure X.25 Interface 
Parameters” window. 


Displays the “Configure SLIP Interface Parame- 
ters” window. 


Displays the “Configure Automatic Starting of Ser- 
vices” windows. 


Displays the “Configure Services” window. 


Displays the “Configure Routing Information” 
window. 
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Use any of the following methods to make your screen selections. 
e Use the mouse and place the cursor on the desired selection, and double click. 


e Use the following keyboard functions: 





the directional arrows to scroll to the desired item, and press the 





— Press the directional arrows to scroll to the desired item, and press the space 
bar. 





e Use the 
selections. 


key to move from one group of selections to another group of 


The following button selections are displayed at the bottom of the window. 
Selection Description 


Exit Saves the current configuration values and returns you to the 
“TCP/IP-ICAT” introduction window. 


Cancel Discards any changes made and returns you to the “TCP/IP-ICAT” 
introduction window. 


F1=Help Provides help information. 


Configuring Network Interface Parameters 

The following is an example of the “Configure Network Interface Parameters” 
window that is displayed as a result of selecting Network Interface Parameters from 
the “TCP/IP Configuration Tool” window. 


Configure Network Interface Parameters 


Local Area Network Adapter 0 (Primary] Local Area Network Adapter | [Alternate] 
QB Enable LAN Adapter 0 Ed Enable LAN Adapter 1 


IP Address: IP Address:[9.67.60.129 _—| 

Subnet Mask: Subnet Mask: [255.255.255.224 | 
Broadcast: [ Broadcast: [ 
Destination Address: fe as ee Destination Address:[| si 


Routing Metric Count: [o | Routing Metric Count: (o | 
See Transmission Linit: [ en Transmission Unit: [ 
“ifcontig" “ifconfig’ 
state (note: Default state is all ficlds off] | |State (note: Default state is all fields off} 

allrs (Single route broadcast allrs (JSingle route broadcast 

arp _j Disable use of ARP arp [_j Disable use of ARP 

bridge [_| Disable routing field support bridge (_jDisable routing field support 

snap (_jDisable extended SNAP support snap (J]Disable extended SNAP support 
~ trailers [J Trailer encapsulation — trailers (_] Trailer encapsulation 








Figure 11. Configure Network Interface Parameters 
When you configure your network adapters, ICAT creates or modifies the 


SETUP.CMD file for you. You can configure up to four network adapters. An 
example of the format of the network adapter entries is displayed in Figure 11. 
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The IFCONFIG parameters that you can select are displayed at the bottom of the 
window. A description of the parameters is also displayed. If you select one of the 
IFCONFIG options, the current state changes. For more information about the 
IFCONFIG parameters, see /BM TCP/IP Version 1.2 for OS/2: User’s Guide. 


Use any of the following methods to make your screen selections at the top of the 
window. 


¢ Use the mouse and place the cursor in the entry field of the desired selection; 
type your entry, and single click on your next entry field. 


¢ Press the directional arrows to scroll to the desired item; type your entry in the 
entry field. Use the key to move from one group of selections to another 
group of selections. 





Use any of the following methods to make your screen selections at the bottom of 
the window. 


e Use the mouse and place the cursor in the box of the desired selection, and 
single click. 


e Press the directional arrows to scroll to the desired item, and press the space 
bar. 





e Use the 
selections. 


key to move from one group of selections to another group of 


The following button selections are displayed at the bottom of the window. 
Selection Description 


Menu Retains the current values, and redisplays the “TCP/IP Config- 
uration Tool” window. The values are not saved until you exit 
from the “TCP/IP Configuration Tool” window. 


Cancel Discards any changes made and returns you to the “TCP/IP Con- 
figuration Tool” window. 

F1=Help Provides help information. 

Next Screen Displays the next screen. 


Previous Screen Returns you to the previous screen. 


Configuring X.25 Interface Parameters 

The following is an example of the “Configure X.25 Interface Parameters” window 
that is displayed as a result of selecting X.25 Interface Parameters from the “TCP/IP 
Configuration Tool” window. 


When you configure your X.25 interface, ICAT creates or modifies the X25.CMD file 
for you. 
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TCPAP - ICAT 


Configure *¢5 Interface Parameters 


IP Address:/9.67.58.163 
SubnetMask:[ 


Maximum Transmission Unit: 
A 


. Configure Services 
. Routing Information 





Figure 12. Configure X.25 Interface Parameters 


The following button selections are displayed at the bottom of the window. 
Selection Description 


Menu Retains the current values, and redisplays the “TCP/IP Configura- 
tion Tool” window. The values are not saved until you exit from the 
“TCP/IP Configuration Tool” window. 


Cancel Discards any changed values and returns you to the “TCP/IP Config- 
uration Tool” window. 


F1=Help Provides help information. 
Configuring SLIP Interface Parameters 
The following is an example of the “Configure SLIP Interface Parameters” window 


that is displayed as a result of selecting SL/P Interface Parameters from the “TCP/IP 
Configuration Tool” window. 
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TCPAP - ICAT 






Configure SLIP Interface Parameters 






Enable the SLIP interface. 


(_j Automatically dial the target host at TCP/IP startup. 


IP Address: 9.67.58.160] 
Destination Address: [ 


Communications Port:/COM1 
Modem Speed: (2400 | (bps) 


Dial String: |ATDT 1 (123) 123-1234 


Modem Delay: 2 | [seconds] 


Cancel_| 

















Figure 13. Configure SLIP Interface Parameters 


When you configure your SLIP Interface, ICAT creates or modifies the SLIP.CMD and 
SETUP.CMD files for you. For an example of a SLIP.CMD file, see Appendix B, 
“Sample SLIP.CMD File.” 


Note: You must click on the “Enable the SLIP Interface” selection to use the 
adapter. 

The following button selections are displayed at the bottom of the window. 
Selection Description 


Menu Retains the current values, and redisplays the “TCP/IP Configura- 
tion Tool” window. The values are not saved until you exit from the 
“TCP/IP Configuration Tool” window. 


Cancel Discards any changed values and returns you to the “TCP/IP Config- 
uration Tool” window. 


F1=Help Provides help information. 


Configuring Automatic Starting of Services 

The following are examples of the “Configure Automatic Starting of Services” 
windows that are displayed when you select Automatic Starting of Services from the 
“TCP/IP Configuration Tool” window. 


When you configure the services that you want automatically started, ICAT creates 
or modifies the TCPSTART.CMD and STARTUP.CMD files. 
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Configure Automatic Starting of Services SCREEN 1 OF 2 


select Service for Automatic Starting Parameters 
Enable this machine to start the inetd super server. 

finetd] 
Enable other users to login to this machine. 

{telnetd] Start the telnetd using: & inetd QO Foreground session 


Enable others to access your files by using FTP. 
[ftpd) Start the ftpd using: Winetd (Foreground session 


Enable others to access your files by using TFTP 
(tftpd) = Startthe titpdusing: inetd (C) Foreground session 


Enable others to remotely execute commands on this machine usin 
(rexecd] Start the rexecd using: @inetd () Foreground session 


jEnable others to remotely execute commands on this machine usin 
(rshd) = Startthe rshd using: @ inetd (Foreground session 


Enable this machine's printer to accept network print jobs 
{Ipd) Start the Ipd using: @inetd (Foreground session 


Configure Automatic Starting of Services SCREEN 2 OF 2 


Select Service for Automatic Starting Parameters 


-nocopyright 


Lj Enable others to “talk to you by using TALK. 
(talkd) 


Lj Enable this machine to function as an NFS server 
infsd] 


Enable this machine to mount remote file systems. (NFSCTL). . . 
infsstart] 


J Enable automatic management of this machine's routing tables. 
[routed] 


Enable this machine to receive mail from others 
{sendmail -bd) 


Enable automatic starting of the LaMail application. 
flamail] 


Fi=Hely 





Figure 14. Configure Automatic Starting of Services 


Select the TCP/IP services that you want to automatically start when you initially 
start TCP/IP. The TCP/IP services are invoked from the TCPSTART.CMD file. See 
Chapter 6, “Manually Setting Up the TCP/IP Servers,” for more information about 
parameters. 
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Use any of the following methods to make your screen selections on the right side of 
the window. 


e Use the mouse and place the cursor in the entry field of the desired selection; 
type your entry, and single click on your next entry field. 


e Press the directional arrows to scroll to the desired item; type your entry in the 
entry field. 





e Use the key to move down to the buttons at the bottom of the windows. 


Use any of the following methods to make your screen selections on the left side of 
the window. 


¢ Use the mouse and place the cursor in the box of the desired selection, and 
single click. 


e Press the directional arrows to scroll to the desired item, and press the space 
bar. 





°e Usethe =) 
selections. 


key to move from one group of selections to another group of 


The following button selections are displayed at the bottom of the windows. 
Selection Description 


Menu Retains the current values, and redisplays the “TCP/IP Con- 
figuration Tool” window. The values are not saved until you 
exit from the “TCP/IP Configuration Tool” window. 


Cancel Discards any changes made and returns you to the “TCP/IP 
Configuration Tool” window. 

F1=Help Provides help information. 

Next Screen Displays the next screen. 

Previous Screen Returns you to the previous screen. 


Configuring Services 

The following is an example of the “Configure Services” window that is displayed as 
a result of selecting Configure Services from the “TCP/IP Configuration Tool” 
window. 
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Configure Services ne 


FTP Access Protection * Host Authorization 


Janonymous | cambridg 
sarah cambym3 
julie + als-ps? 


% Client Display Variable: |9.67.30.60:0 Timezone for NFS: jestSedt 


R Pri S ; Remote Print Server's 
emote Printer Server: Printer: 
Username for REXEC & b Password for REXEC 
Remote Printing: 22 Users: Poe cee ae 
Passward for Telnet: 
Domain Name Services 


This Machine's Hostname: |happy 
Domain Name: |tcp.raleigh.ibm.com 


Domain Nameservers): [9.67.30.100 [4 
{address} 


ea 





Figure 15. Configure Services 


The TCP/IP services that can be configured are: 
Service Description 


FTP Access Protection Specifies the names of the users and passwords 
that can access your FTP server. The TRUSERS 
file that is used by the FTP server is created or 
modified. 


X Host Authorization Specifies the X client hosts on the network that are 
authorized to connect to the X server. The 
XOHOSTS file that is used by the X server is 
created or modified. a 


X Client Display Variable Specifies the DISPLAY environment variable used 
by X client utilities to indicate to which X server to 
direct their requests. An environmental variable 
called DISPLAY is added to your CONFIG.SYS file. 


Timezone for NFS Specifies the TZ environment variable used by the 
NFS server and client. The TZ environmental vari- 
able is added to your CONFIG.SYS file. 


Remote Printer Server Specifies the host name of the LPD server. An 
environment variable called LPR_SERVER is added 
to your CONFIG.SYS file. 


Remote Print Server’s Printer Specifies the name of the printer that is used by 
LPR. An environment variable called 
LPR_PRINTER is added to your CONFIG.SYS file. 


ne 
~ 
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Username for REXEC & Remote Printing 
Specifies the name used to recognize REXEC and 
remote print requests submitted by other TCP/IP 
hosts to your PC. An environment variable called 
USER is added to your CONFIG.SYS file. 


Password for REXEC Users Specifies the password used to validate REXEC 
requests submitted by other TCP/IP hosts to your 
PC. An environment variable called PASSWD is 
added to your CONFIG.SYS file. 


Password for Telnet Specifies the name of the password that is used by 
the Telnet server. An environment variable called 
TELNET.PASSWORD.ID is added to your 
CONFIG.SYS file. 

Domain Name Services Specifies the host name, the domain name, and the 
name server addresses. A RESOLYV file that is 
used by clients is created and an environment vari- 
able called HOSTNAME is added to your 
CONFIG.SYS. 


Use the function keys that are displayed on the action bar at the top of the screen to 
make your screen selections for the FTP Access Protection, Domain Name Services, 
and X Host Authorization boxes. 


The following buttons are displayed at the bottom of the window: 


Selection Description 


Menu Retains the current values, and redisplays the “TCP/IP Configura- 
tion Tool” window. The values are not saved until you exit from the 
“TCP/IP Configuration Tool” window. 


Cancel Discards any changes made and returns you to the “TCP/IP Config- 
uration Tool” window. 


F1=Help Provides help information. 
Configuring Routing Information 
The following is an example of the “Configure Routing Information” window that is 


displayed as a result of selecting Routing Information from the “TCP/IP Configura- 
tion Tool” window. 
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9.67.60.84 
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‘SUBM ET 





Figure 16. Configure Routing Information 


The Configure Routing Information window is used to define routes that are placed 
in the SETUP.CMD file. See Appendix A, “Optional Files,” or /BM TCP/IP Version 
1.2 for OS/2: User’s Guide for the routing information you need to type in the entry \ 
fields of this window. An example of the routing entry’s format is displayed at the 

top of the window. 


To make your entries, use the function keys displayed at the top of the window to 
perform the desired function, or press the key to go to the action bar and 
select the desired action. 








Use the =. key to move to the buttons at the bottom of the window. 


The following button selections are displayed at the bottom of the window. 
Selection Description 


Menu Retains the current values, and redisplays the “TCP/IP Configura- 
tion Tool” window. The values are not saved until you exit from the 
“TCP/IP Configuration Tool” window. 


Cancel Discards any changes made and returns you to the “TCP/IP Config- 
uration Tool” window. 


F1=Help Provides help information. 


Starting TCP/IP for OS/2 


When you exit the “TCP/IP Configuration Tool” window, the changes you made to 
your configuration are saved to the appropriate files. 


You must reboot your system to activate the changes to your configuration. You a, 
should shut down all tasks before you reboot your system. 
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When the system restarts, TCP/IP is started from your CONFIG.SYS. If your config- 
uration included the automatic starting of any services, your STARTUP.CMD calls 
TCPSTART.CMD, which starts the services you requested. 


During the configuration process, several files were modified. Backup copies are 
created with file names ending in .BKn. For example, the first backup copy of the 
CONFIG.SYS file would be CONFIG.BK1. 


Testing Your Installation 


You can use the PING command to test your installation. PING sends out an ICMP 
echo request to a specified destination and waits for an echo reply. The receiver 
echoes the frames it receives hack to the originator. 


Enter the PING command from an OS/2 command prompt. 


The following is the format of the PING command. 





The parameters for the PING command are: 


Parameter Description 

-? Displays help information. 

-d Starts the socket-level debugging process. 

-r Bypasses the routing table. 

-V Specifies verbose output. 

host Specifies the foreign host to which you want to send the echo 
request. 

data_size Sets the number of data bytes for the echo request (the default 
number of data bytes is 56, with an additional 8-byte header 
attached). 

npackets Sets the number of echo requests that are sent to the foreign host. 


These parameters are position dependent; you cannot specify the 
number of packets without specifying the data size. 


Note: If you do not specify npackets, the echo requests is sent 
continuously. Any of the following actions discontinues the echo 
request. 






e Pressing the %;| key andthe & simultaneously. 
_ key simultaneously. 


¢ Pressing the @ .| key andthe = = 


ES 


e Closing the task. 








PING can be used to verify the following parts of the TCP/IP for OS/2 installation. 
e PING your_internet_address 
This form of the PING command verifies that TCP/IP is running. 
¢ PING remote_internet_address 


This form of the PING command verifies that you can be addressed. 
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¢ PING remote_host_name 


This form of the PING command verifies the operation of the name server or host ( 
file and whether it can reach that host. ae 


You are now ready to use the applications and functions provided with TCP/IP for 
OS/2. 


Removing TCP/IP for OS/2 


This section describes how to remove TCP/IP for OS/2 from your PC. 


Procedure 
To remove TCP/IP for OS/2 from your PC, do the following steps. 


1. Remove any TCP/IP related information from your CONFIG.SYS. 


Note: For CONFIG.SYS statements that contain references to multiple directo- 
ries, such as SET PATH, LIBPATH and SET HELP, remove the reference to the 
directory in which TCP/IP is installed. Do not delete the entire statement. 


2. If the file C:\STARTUP.CMD contains the line CALL TCPSTART.CMD, delete the 
line. 


3. Save any configuration-related files in a directory other than the directory in 
which your current TCP/IP software resides. Configuration-related files include: 


BIN\SETUP.CMD 

BIN\TCPSTART.CMD 

ETC\SENDMAIL.CF 

BIN\SLIP.CMD 

BIN\X25.CMD 

e The files listed in Appendix A, “Optional Files.” 


4. Reboot your machine. 


5. Remove the directory structure in which TCP/IP is installed. 
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Chapter 4. Host Name Resolution 


This chapter describes the files that are used for host name resolution. The files, 
which reside in the ETC directory, are: 


¢ RESOLV 
e HOSTS 


This chapter also provides examples of the file content of the RESOLV file and the 
HOSTS file. 


Overview of Name Resolution 


RESOLV File 


When a TCP/IP for OS/2 service or application receives a symbolic name that 
represents a host address, it calls a host name resolver routine to resolve the sym- 
bolic name into an internet address. The host name resolver routine queries a 
domain name server or a local HOSTS file, or both, to perform the name resolution. 


The resolver sends the request to the foreign name server before using the local 
HOSTS file. If a RESOLV file exists in the ETC directory, the host name resolver 
routine first tries to resolve the name through name servers specified in that file. 


lf resolution through a name server fails or if a RESOLV file does not exist, the host 
name resolver routine tries to resolve the name locally by searching the HOSTS file 
in the ETC directory for a match of the symbolic host name. 


lf a match is found, the routine returns the corresponding internet address. Ifa 
match is not found, a message is displayed stating that the host is unknown. 


The following example shows the format of the RESOLV file. 


domain domain_name 
nameserver internet_address 


The following is an example of the content of a RESOLYV file. 


domain eng.mit.edu 
nameserver 129.34.128.245 
nameserver 129.34.128.246 


Because the Domain Name Server requires a fully qualified domain name, the host 
name resolver routine scans the host name to see if it contains a period. If a period 
is not present, the routine appends the domain name specified by the domain state- 
ment in the RESOLV file. Otherwise, the name is assumed to be fully qualified and 

is passed as /s to the name server. 


You can have a maximum of one domain entry and three nameserver entries. The 
routine queries the first name server specified in the RESOLV file. if the specified 

name server does not respond, the routine queries the next name server specified, 
if any, until either a response is received or the last name server specified fails to 

respond. 
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HOSTS File 


If aname server responds with the internet address associated with the symbolic 
host name, that address is returned to the requesting service or application. 


Note: For each name server that does not respond, a time-out of 60 to 80 seconds 
occurs. 


The following example shows the format of the HOSTS file. 
internet_address host_name [alias(es) | [# comment] <carriage return> 


When using the HOSTS file on a small internet, it is not necessary to use the 
hierarchical-naming system used by the larger internets. The following example is 
a token ring network of three users and their entries in the HOSTS file. 


129.5.24.1 Hostl vjsPC PC1 mathdept 
129.5.24.3 PC3 normasPC Host3 # This is Norma's PC 
129.5.24.4 PC4 budsPC 


You must enter a carriage return at the end of each line. 


In this example, each time you enter the host name of Host! or the aliases vjsPC, 
PC1, or mathdept, the local name resolver translates it to the internet address of 
129.5.24.1. For more information about the format of network addresses, see 
“Network Address Format” on page 14. 


Note: When both the RESOLV and HOSTS files exist in the ETC directory, you jr 
should keep the HOSTS file up to date. As name servers are modified, the HOSTS 
file can become outdated. 


a 
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© Copyright IBM Corp. 1990, 1991 45 








46 


IBM TCP/IP Version 1.2 for OS/2: Installation and Maintenance 


























Chapter 5. Manually Modifying Your TCP/IP Configuration 


TCP/IP for OS/2 allows you to change your TCP/IP configuration to suit your specific 
requirements. 


This chapter describes an alternative to using ICAT to modify your TCP/IP configura- 
tion. 


Configuring the Network Interface 
The IFCONFIG command assigns an address to a network interface and also config- 


ures network interface parameters. 


You must use the IFCONFIG command to define the network address of each inter- 
face present on the machine. 


You can also use the IFCONFIG command to redefine an interface’s address or 
other operating parameters. 


Warning: Do not attempt to modify the configuration of a network interface unless 
you are an experienced TCP/IP user. 


The following example shows the format of the IFCONFIG command. 





The parameters of the IFCONFIG command are: 
Parameter Description 


interface The name of the interface you are configuring (lan0, lant, 
lan2, lan3, si, or x25). 


af Name of the address family supported. 


You must specify the address family (af), because an inter- 
face can receive transmissions in different protocols, and 
each protocol requires a separate naming scheme. However, 
specifying the address family can change the interpretation of 
the remaining parameters. Specify only inet, which is the 
default. 


address The address assigned to a particular interface in the standard 
dotted-decimal notation. 


dest address Specifies the address of the correspondent on the receiving 
end of a point-to-point link. 


up Enables an interface after the interface has been marked 
down with an IFCONFIG statement. 


interfaces are automatically marked up when the first 
address is set on an interface. 
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down 


netmask mask 


metric n 


Marks an interface down. When an interface is marked down, 
the system does not attempt to transmit messages through 
that interface. In some cases, the reception of messages is 
also disabled. 


This action does not automatically disable routes using the 
interface. 


This parameter is used for networks only. The mask value 
specifies how much of the internet address to reserve for use 
as a subnetwork address. 


For example, the subnetwork capability of TCP/IP divides a 
single network into multiple logical networks. An organiza- 
tion can have a single internet network address that is known 
to users outside the organization, yet configure its internal 
network into different departmental subnets. 


The subnet, or local address, portion of an internet address is 
then divided into a subnet number and a host number, for 
example: 


network_number subnet_number host_number 


where: 

network_number Is the network portion of the internet 
address. 

subnet_number Is the subnet number portion of the 
local address. 

host_number Is the host number portion of the local 


address. 


The mask value includes the network portion of the local 
address and the subnet portion, which is taken from the host 
field of the address. The mask can be specified as.a single | 
hexadecimal number with a leading 0x, or with a 
dotted-decimal notation address. 


The mask contains 1s for the bit positions in the 32-bit 
address that are to be used for the network and subnet parts, 
and Qs for the host part. The mask should contain at least the 
standard network portion, but the bits of the netmask do not 
have to be contiguous. The subnet field should be contiguous 
with the network portion. 


For an example of the ROUTE command with the subnet 
parameter, see “ROUTE—Modifying Routing Tables” on 
page 50. 


Sets the metric for the interface to n. The value n represents 
a number and should be between 0 and 15. The default is 0 
(directly connected). The routing metric is used by the 
Routing Information Protocol (RIP). 


Metrics that are greater in value make a route less favorable. 
Metrics are counted as the number of hops to the destination 
network or host. 
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mtu n 


trailers 


-trailers 


arp 


-arp 
bridge 
-bridge 


snap 


-snap 


-allrs 


Sets the maximum transmission unit of the interface to n. 
The value n represents a number. The default MTU value is 
1500. 


Notes: 


1. When using a PCNet adapter the MTU should be set to a 
maximum of 1462. 


2. When using an Ethernet adapter on an IEEE 802.3 
network, the MTU should be set to a maximum of 1492. 


3. When using a Token Ring 16/4 Adapter/A card on a 16 
megabyte token ring, the MTU should be set to a 
maximum of 4400. 


4. When using an X.25 co-processor adapter, the MTU 
should be set to a maximum of 576. 


Requests the use of a trailer link level encapsulation when 
sending. 


For example, if a network interface supports trailers, the 
system, when possible, encapsulates outgoing messages, 
which minimize the number of memory-to-memory copy oper- 
ations that the receiver must perform. 


On networks that support the Address Resolution Protocol 
(ARP), this parameter indicates that the system should 
request that other systems use trailers when sending to this 
host. Trailer encapsulations are sent to other hosts that have 
made such requests. 


Disables trailer link level encapsulation. This is the default. 


Enables ARP in mapping between network level addresses 
and physical, or station addresses. 


ARP is currently implemented for mapping between internet 
addresses and Ethernet addresses or IBM token ring 
addresses. 


Disables Address Resolution Protocol. 
Enables routing field support. 
Disables routing field support. 


Sends token ring headers with the extended snap format. 
This is the Institute of Electrical and Electronic Engineers 
(IEEE) standard and is necessary to communicate with 
machines using the extended snap format, such as AIX”. The 
snap parameter is the configuration default. 


Does not send token ring headers with the extended snap 
format. 


Sets the token ring broadcast indicator to Single-Route 
Broadcast. The default is All-Routes Broadcast. See /BM 
OS/2 LAN Technical Reference for more information. 


broadcast broadcast_address 


Specifies the address to use to represent broadcasts to the 
network. The default broadcast address is an internet 
address with a local address that has a value of all 1s. 
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802.3 Enables Ethernet 802.3 


-802.3 Disables Ethernet 802.3. Enables Ethernet DIX 2. This is the 
default. 

icmpred Allows TCP/IP to add routes obtained by the ICMP redirects. 
This is the default. 

-icmpred Prevents TCP/IP from adding routes obtained by ICMP redi- 
rects. 


The IFCONFIG command displays the current configuration for a network interface 
when only an interface is supplied. If a protocol family is specified using af, 
IFCONFIG reports only the details specific to that protocol family. 


To receive help for the command syntax, use the IFCONFIG command alone, without 
specifying an interface, address, or parameter. 


ROUTE—Modifying Routing Tables 
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Use the ROUTE command to manually configure the network routing tables. 


Warning: Do not attempt to configure the network routing tables unless you are an 
experienced TCP/IP user. 


The following example shows the format of the ROUTE command. 





The parameters of the ROUTE command are: 


Parameter Description 
? Displays help information. 
-f Flushes the routing tables of all network and subnet route entries. 


If this is used in conjunction with another parameter, the tables are 
flushed before the parameter’s application. 


-h Flushes the routing tables of all host route entries. 


If this is used in conjunction with another parameter, the tables are 
flushed before the parameter’s application. 


add Adds a route. 

delete Deletes a route. 

net Specifies that a network is to be added or deleted. 

subnet Specifies that a subnet is to be added or deleted. 

host Specifies that a host destination is to be added or deleted. 

destination Specifies the internet address of the destination host, network, or 
subnet. 

default Specifies all destinations not defined with another routing table 
entry. 
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router Specifies the internet address of the next hop in the path to the 
destination. 


metric Specifies the number of hops to the destination. 


Note: Metric is required for add commands. 


The following is an example of a ROUTE command. 








In the example, the ROUTE -fh command clears the routing table of all entries and 
adds a route te the network 129.24.10.0 through the router 129.34.10.60, snecifying 
the number of hops to the destination host as 1. 


The following is the response that is displayed as a result of issuing the ROUTE -fh 
command illustrated in the preceding example. 





You can use the NETSTAT -r command to display the current routing tables. 


The subnet parameter is used in place of net, when using a netmask that subnets 
down into the fourth byte of an address. 


For example, if you have the address 192.67.59.nn, where nn represents any 
number, and you need to support at least 4 networks with no more than 62 hosts for 
each net, use a netmask of 255.255.255.192. The following example illustrates the 
ROUTE command with the subnet parameter. 





In the example, any packets addressed for the address range 192.67.59.65 through 
192.67.59.126 are sent to 192.67.59.66, which is one hop away. 
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Chapter 6. Manually Setting Up the TCP/IP Servers 


INETD 


This chapter describes how to manually customize TCP/IP for the OS/2 environment. 


Only one instance of each server should be run on a PC at one time. If you try to 
start a second server of the same type, a message is displayed informing you that 
the address is already in use. For example, if you have an FIP server running, you 
cannot start a second FTP server on your PC. 


This section describes how to set up the INETD server. INETD is a Super server that 
allows you to start multiple servers from a single OS/2 session, and use the appli- 
cable server when needed. INETD supports the following servers: 


e FIPD 

¢ LPD 

¢ REXECD 
¢ RSHD 

e TELNETD 
e TFTPD 


You can use INETD as an alternative to starting each individual server. However, 
you cannot specify the parameters used with LPD and TFTPD. 


Warning: Do not attempt to activate servers by two methods. If you use INETD, 
which can start multiple servers, do not attempt to start an individual server by 
using a specific server command, such as FTPD. 


For example, if you have used INETD to start FTPD, do not attempt to start FTPD 
with the FTPD command also. 


Setting Up the Environment 


Before using the INETD command, you must create or modify the INETD.LST file, 
and the file must reside in the ETC directory, or the directory specified by the ETC 
environment variable. 


INETD.LST File 
The INETD.LST file is used by the INETD server to define the servers that are to be 
activated. 


The INETD.LST file contains one or more entries. The following is an example of the 
content of an INETD.LST file containing multiple entries. For the file format, see 
Appendix A, “Optional Files.” 
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telnet tcp telnetd 


exec tcp rexecd 
ftp tcp ftpdc 
printer tcp Ipd 
tftp udp tftpd 


shel] tcp rshd 
Where: 


telnet is the application, tcp is the protocol, as defined in the services file, and 
telnetd is the server to be activated. 


exec is the application, tcp is the protocol, as defined in the services file, and rexecd 
is the server to be activated. 


Note: Ifthe TFTP server is started without using INETD, its file access path can be 
set as a parameter to the command. No such parameter can be included in the 
INETD.LST file, but the file access path can be specified by the environmental vari- 
able TFTPDPATH. For example: 


SET TFTDPATH=C: \TEMP\ 


Comment characters and blank lines are not allowed in the INETD.LST file. INETD 
will not start if it discovers any blank lines. 


Setting Up the INETD Server 


FTP 


A server is required on one of the hosts involved in the transfer of data. 


To start the server on your local host, type INETD at an OS/2 command prompt, and 
press the | 





INETD starts the INETD.EXE program. INETD.EXE runs as a task until you shut down 
the server. 


This section describes how to set up the environment and server for FTP. 


Setting Up the Environment 
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Several different files can be used by FTP to enable or automate various functions. 
These files are: 


¢ TRUSERS 
e NETRC 


These files are created by the user and must reside in the ETC directory, or the 
directory specified by the ETC environment variable. 
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TRUSERS File 

The TRUSERS file is used by the FTP server to define access authorization to users 
on the foreign host. You can define users with read access to particular directories 
and write access to particular directories. 


The following is an example of the content of a TRUSERS file containing multiple 
entries. For the file format, see Appendix A, “Optional Files.” 


user: chris boz 
rd: d:\ cs) 
wr: d:\tmp c:\tmp 


user: anonymous 
rd: c:\anonymous 
wr: 


user: diane green 
wr*: c:\etc 


Where: 


chris is the FTP user, boz is the password for chris, rd: d:\ c:\ gives chris access 
to read files and subdirectories in the c:\ and d:\ subdirectories, and 

wr: d:\tmp c:\tmp gives chris access to write to files and subdirectores only in the 
c:\tmp or d:\tmp directories. 


anonymous is defined as the user with no password. This user name has special 
meaning because you are not required to define a password. This is the only user 
name you can define without a password. This user can read files and directories in 
c:\anonymous but cannot write to any files or directories. | 


diane is the user, green is the password for diane, and wr*: c:\etc gives diane 
access to read or write to any file or directory except c:\etc. This also gives diane 
access to read or write to any other drives, floppy and mounted. 


Warning: Use discretion in giving write access to other users. A remote user with 
write access can destroy files and directories on your PC. 


NETRC File 

The NETRC file is used by the FTP (and REXEC) clients as a source for user and 
password values. Create the NETRC file in the ETC directory. For the file format, 
see Appendix A, “Optional Files.” 
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The following is an example of the content of a NETRC file containing multiple 
entries. 


machine raleigh login kent password basebal | 

machine boston login bruce password september macdef mymacro 
bel] 

hash 

prompt 

binary 

cd c:\mydir 

get myfile.bin 


machine york login jane password workday account payday 


In this example, when using the FTP command on the local host to connect to the 
raleigh host, the user kent and the password baseball are automatically sent to the 
FTP server on the foreign host. To allow the user kent access to the FTP server, the 
value of the password basebal1 must also be the password specified for the user 
kent on the foreign host running the FTP server. 


If a user uses FTP to open a connection to machine boston, the user name bruce and 
the password september are automatically passed to the FTP server on the other end 
of the connection. Also, the macro called mymacro is defined from the line following 
the macdef mymacro, until a null line is encountered. To execute the macro, mymacro, 
type $mymacro at the FTP command shell. 


Warning: If you have a Telnet, REXEC, TFTP, RSH, or FTP server running on your 
machine, be aware that a NETRC file provides users with user and password infor- 
mation that may allow them access to other users’ files. 


Setting Up the Server 
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A server is required on one of the hosts involved in the transfer of data. 


To start the server on your local host, type FTPD at an OS/2 command prompt, and 
press the 





The following example shows the format of the FTPD command. 





There are no parameters for the FTPD command. 


As an alternative, you can start this server using INETD. INETD allows you to start 
multiple servers from an OS/2 session. 


FTPD starts the FTPD.EXE program. FTPDC.EXE runs as a task until you shut down 
the server. 
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This section describes how to set up the LPD server. 


Setting Up the Environment 


All of the Line Printer commands require the host name of the server providing the 
print spooling services, as well as the printer name, and in some cases a user 
name. 


You can set default values for all of these by defining the following environment var- 
lables. You can also override the values for printer name and host name by using 
the -p and -s parameters. See the format of the specific Line Printer command you 
want to use. 


The environment variables and their associated parameters used to set default 
values for the Line Printer commands are: 


Environment Variable Parameter 
LPR_PRINTER printer 
LPR SERVER server 
USER username 


The following is a description of the parameters. 
Parameter Description 


printer Name of the printer that provides the output. When connecting to 
an OS/2 LPD server, the printer name corresponds to a queue 
defined in the Print Manager of the server machine. The user can 
also specify a device name. The LPD server tries to determine the 
associated queue as defined in the Print Manager. 


server Internet address or name of the host that provides the print 
spooling service. 


username Character string passed to the host that provides the print spooling 
services as an identifier of who created the print job. 


Setting Up the Server 


The Line Printer commands use the LPD server for remote printing. 


Before using a Line Printer command, the LPD server must be running on the 
foreign host that provides the print spooling service. 


To start the server on your local host, type LPD at an OS/2 command prompt, and 
press the = 0. 


Bess 





The following example shows the format of the LPD command. 
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The parameters of the LPD command are: 


Parameter 
-? 
-C 
-b 


-S 


Description 
Displays help information. 

Prevents printing of the control file. 

Prevents printing of the banner page. 


Causes LPD to validate client requests based on the port 
addresses. According to RFC 1179, all line printer requests should 
come from clients on a port within the range of 721 to 731. 
However, because some clients do not support this, the default 
does not verify that the client is connecting from a valid port within 
this range. 


As an alternative, you can start LPD using INETD. INETD allows you to start mul- 
tiple servers from an OS/2 session. 


|PD.EXE runs as a task until you shut down the server. 


Entering the LPRMON Command 


LPRMON is a Parallel Device Monitor that allows you to set up your PC to automat- 
ically send data to a remote LPR server. This allows you to print to an LPR server 
without an application using the Line Printer protocol directly. 
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LPRMON can work with the OS/2 Print Manager. If you defined a queue associated 
with a parallel port for which LPRMON is going to monitor, then the Print Manager 


first queues the request, at which time you can manage the queue using the Print Sis 
Manager interface before sending the request over a TCP/IP network to a remote 

LPR server. If a printer is not set up in the Print Manager for the parallel port that 

LPRMON is going to monitor, then the data is sent directly to the LPR server without 

going through the Print Manager. 


If you wish to use the Print Manager and LPRMON together, configure the Print 

Manager to be consistent with the type of printer on the remote LPD server where 

the printing actually occurs. This is done by installing the appropriate driver con- e 
nected to the parallel port that LPRMON is going to monitor. | 


For example, if the remote printer is an IBM 4019 Laser Printer in PostScript mode 
and LPRMON is started to monitor LPT3, the IBM 4019 printer should be installed in 
the Print Manager as connected to LPT3 and the PostScript printer driver should be 
loaded for the IBM 4019 printer. 


If there is no equivalent driver for the remote printer available for installation in the 
Print Manager, you should configure the port as being connected to the IBMNULL 
printer and driver. 


Note: You should use the -b option unless the remote LPD printer is strictly a text 
printer (the printer does not support embedded binary control characters). 
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The following example shows the format of the LPRMON command. 





inter] [-s server] devicena 


The parameters of the LPRMON command are: 


Parameters Description 

-? Displays help information 

-b Specifies that the data is interpreted as binary by the LPR server 
LPD. 

-f When the print server is running on a UNIX system, the -f param- 


eter formats the file using the UNIX PR command. When the print 
server is running under OS/2, LPD passes the file through unal- 


tered. 
-n Disables the beep that occurs when there is an error. 
“rn sets the number of retries. The default is 3 tries. 
-qn Sets retry delay in seconds. The default is 10 seconds 
-p printer Specifies the name of the printer to which the file is sent. If you 


omit the -p parameter, LPRMON looks at the environment variable, 
LPR_PRINTER, for the corresponding value. 


-S server Specifies the name or internet address of a network host with print 
spooling capabilities. 


If a print server is not specified on the command line, LPRMON 
looks at the environment variable, LPR_SERVER, for the corre- 
sponding value and uses that value as the print server. 


If a print server is not specified with the LPRMON command or 
defined in the environment variable, LPRMON displays an error 
message and terminates. 


devicename Specifies the parallel port for LPRMON to monitor. Data sent to 
this port is then redirected to a remote LPR server. This should be 
specified as LPD n, where nis a number between 1 and 3. 


PMX 


This section describes how to start the X Window System Server (X server). 


Starting the X Server 


Start the X server from a PM group menu, from an OS/2 command line, or from a 
batch (CMD) file. 


The following example shows the format of the PMX command. 
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Portmap 


The parameters for the PMX command are: 


Parameter 
-an 


-co filename 


-fc fontname 
-fn fontname 
-fp pathname 
-help 


-Ic 


-nocopyright 


-r 


Description 
Sets mouse acceleration (n is the number of pixels). 


Sets color database file name. The default filename is 
X11\RGB.TXT. 


Sets cursor font. The default is the font named cursor. 
Sets default font. The default is the font named fixed. 
Sets default font path. The default is X11\MISC,X11\75DPI 
Displays help information (will not start the X server). 


Doubles the dimensions of any cursor, unless the cursor 
would become too large for a PM cursor. 


Does not display initial copyright window when starting the 
server. 


Turns off the keyboard auto-repeat function. 


Turns on the keyboard auto-repeat function. This is the 
default. 


Sets mouse threshold (n is the number of pixels). 
Sets connection time-out (n is the number of seconds). 


Ignores all remaining arguments. 


In the case of the font path (-fp pathname), multiple directories are separated by 
commas, rather than blanks. For example, to start the server with both the miscel- 
laneous and the 75 dot per inch (dpi) font directories, as well as your own personal 
fonts directory C:\myfonts, specify the following command parameters: 


pmx -fp d:tcpip\X11\misc,d:tcpip\X11\75dpi,c:\myfonts 


This example assumes that you installed TCP/IP on drive d: in the \tcpip directory. 


For more information about X fonts, see “X Font Support” on page 148. For more 
information about the color database and font files, see “The Color Database 
(RGB.TXT)” on page 147 and “How the OS/2 X Server Accesses Fonts” on 


page 149. 


This section describes how to set up the Portmap server. 


Setting Up the Server 


The Portmapper program maps client programs to the port numbers of server pro- 
grams. Portmap is used with Remote Procedure Call (RPC) programs. See /BM 
TCPHP Version 1.2 for OS/2: Programmer’s Reference for additional information 
about Portmap and RPC. 


To start the PORTMAP server on your local host, type PORTMAP at an OS/2 


command prompt, and press the | 





_ key. PORTMAP.EXE runs as a task until 


you shut down the server. 
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REXEC 


This section describes how to set up the environment and server for REXEC. 


Setting Up the Environment 


NETRC File 


Before you activate the REXEC server, set the environment variables USER and 
PASSWD. These environment variables define the user’s ID and password, which a 
remote user specifies to log on to your PC. The values for these environment vari- 
ables are case sensitive. 


Examples of the USER and PASSWD environment variables are: 


SET USER=user 
SEI PASSWD=password 


These environment variables can be set in your CONFIG.SYS file, or they can be 
typed in a command shell before starting the REXEC server. Using a command 
shell has the advantage that only the command shell and any functions running in it 
have knowledge of the USER and PASSWD variables. 


The NETRC file is used by the REXEC (and FTP) client as a source for user and 
password values. Create the NETRC file in the ETC directory. For the file format, 
see Appendix A, “Optional Files.” 


The following is an example of the content of a NETRC file containing multiple 
entries. | 


machine raleigh user kent password basebal] 
machine boston user bruce password september 
machine 251.1.11.3 user jane password workday 


Note: The account and macdef parameters are not used by the REXEC server. 


In this example, when you issue the REXEC command to machine raleigh, the user 
name kent and password baseball! are automatically sent to the foreign host. The 
foreign host called raleigh has a REXEC server running and has the user kent with 
the password basebal1 defined. 


Warning: If you have a Telnet, REXEC, TFTP, RSH, or FTP server running on your 
machine, be aware that a NETRC file provides users with user and password infor- 
mation that may allow them access to other users’ files. 


Setting Up the Server 


To use the REXEC command, the REXECD server must be running on the foreign 
host. 


To start the server on your local host, type REXECD at an OS/2 command prompt, 
and press the key. 





The following example shows the format of the REXECD command. 
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RSH 


There are no parameters for the REXECD command. 


As an alternative, you can start REXECD using INETD. INETD allows you to start 
multiple servers from an OS/2 session. 


REXECD starts the REXECD.EXE program and runs as a task until you shut down the 
server. 


Security can be an issue when the REXEC server is running. If a remote user learns 
the name of the user and password on your system, that remote user can execute 
commands on your PC. 


Warning: Use discretion in allowing remote users to learn your USER and PASSWD 
environment variables. 


This section describes how to set up the environment and server for RSH. 


Setting Up the Environment 


RHOSTS File 


Before you activate the RSH server, create the RHOSTS file in the ETC directory. 


The RHOSTS file is used by the RSH server to verify the authorization of remote 
hosts. You must specify the full domain name of the remote hosts. The RHOSTS file 
must be in the ETC directory, as defined by the ETC environmental variable. 


The following is an example of the content of an RHOSTS file containing multiple 
entries. 


shofert.raleigh. ibm.com 
agusta.raleigh. ibm.com 
yazzo.watson. ibm.com 


Warning: If you have a Telnet, REXEC, TFTP, RSH, or FTP server running on your 
machine, be aware that a NETRC file provides users with user and password infor- 
mation that may allow them access to other users’ files. 


Setting Up the Server 


To use the RSH command, the RSHD server must be running on the foreign host. 


To start the server on your local host, type RSHD at an OS/2 command prompt, and 
press the key. 





The following example shows the format of the RSHD command. 
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There are no parameters for the RSHD command. 


As an alternative, you can start RSH using INETD. INETD allows you to start mul- 
tiple servers from an OS/2 session. 


RSHD starts the RSHD.EXE program and runs as a task until you shut down the 
server. 


Security can be an issue when the RSH server is running. If a remote user learns 
the host names in the RHOSTS file, that remote user can execute commands on 
your PC. 


ROUTED 


This section describes how to set up the environment and server for ROUTED. 


Setting up the Environment 


The ROUTED server queries the network and dynamically builds routing tables from 
routing information transmitted by other hosts that are directly connected to the 
network. The ROUTED server implements the Routing Information Protocol (RIP). 
See RFC 1058 for more information. The gateways file is used to configure the 
ROUTED server, and must reside in the ETC directory. 


An active entry is used to add routes to RIP routers that cannot be reached by 
normal IP broadcasts. A passive entry in the gateways file is used to add a route to 
a part of the network that does not support RIP. An external entry in the gateways 
file indicates a route that should never be added to the routing tables. If another RIP 
server offers this route to your host, the route is discarded and not added to the 
routing tables. 


The following example shows the line format for the gateways file. 





The following is a description of each element in a gateways file entry. 


Element Description 

net Specifies that a network is to be added or deleted. 

host Specifies that a host destination is to be added or deleted. 

name? Can be either a symbolic name or the internet address of the 
destination network or host. 

gateway Specifies a gateway or router. The parameters that follow 
this keyword identify the gateway or router for this destina- 
tion. 

name2 Can be either a symbolic name or the internet address of the 
gateway or router for this destination. 

metric Specifies the number of hops to the destination host or 
network. The value that follows this keyword is the metric 
hop count. 
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value Specifies the hop count to the destination. The number is an 
integer in the range of 0 through 16, where 16 (infinity) indi- 
cates the network cannot be reached. 


active Specifies the type of gateway. An active gateway is treated 
like a network interface. It is expected to exchange routing 
information, and if it does not do so for a period of time, the 
route associated with this gateway is deleted. Information 
about the active gateway is maintained in the routing tables 
indefinitely and is included in any routing information that is 
transmitted. 


passive Specifies the type of gateway. A passive gateway does not 
exchange routing information. Information about the 
passive gateway is maintained in the local routing tables 
indefinitely and is only local to this ROUTED server. 
Passive gateway entries are not included in any routing 
information that is transmitted. 


external Specifies the type of gateway. An external gateway option 
indicates that entries for this destination should never be 
added to the routing table. The ROUTED server discards 
any routes for this destination that it receives from other 
ROUTED servers. Only the destination field is significant; 
the gateway and metric fields are ignored. 


Note: The keywords in the gateways file are case-sensitive and must be entered in 
lowercase. 


The following example shows the contents of a gateways file containing multiple 
entries: 


host joespc gateway 192.9.201.5 metric 4 active 

net acmenet gateway gateway.acme.com metric 5 passive 
host vm3.ibm.com gateway 9.67.43.126 metric 6 passive 
host bad.host gateway Xxx metric 1 external 


In the first entry, the route identified goes to a specific host, joespc, through a 
gateway 192.9.201.5. The hop count metric to joespc is 4, and the gateway is treated 
as active. 


In the second entry, the route indicates that acmenet can be reached through the 
gateway gateway.acme.com, and that it is 5 hop counts away. 


In the third entry, the route indicates that vm3.ibm.com can be reached through the 
gateway 9.67.43.126, and that it is 6 hop counts away. 


In the fourth entry, the external gateway option indicates that routes for the host 
bad. host should not be added to the routing tables, and that routes received from 
other ROUTED servers for bad. host should not be accepted. 
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Setting Up the Server 


The following steps describe how to set up the ROUTED server. 


To start the server on your local host, type ROUTED, with De desired parameters 
specified, at an OS/2 command prompt, and press the 2 3. 





The following example shows the format of the ROUTED command. 





The parameters of the ROUTED command are: 


Parameters Description 


-d Enables additional debugging information to be logged, such as 
bad packets received. 


-g Offers a route to the default destination. This is typically used ona 
gateway to an internet, or on a gateway that uses another routing 
protocol, whose routes are not reported to other local gateways. 


-S Forces the ROUTED command to supply routing information 
regardless of whether it is acting as an internetwork router. This is 
the default if multiple network interfaces are present, or if a 
point-to-point link is in use. 


-q Suppresses broadcasting of routing information. 
-t Starts the packet tracing process. 
-t -t Starts the packet tracing process and traces all packets sent or 


received on the standard output. 


-t -t -t Starts the packet tracing process, traces all packets sent or 
received on the standard output, and starts the history tracing. 


-t -t -t -t Starts the packet tracing process, traces all packets sent or 
received on the standard output, starts the history tracing, and 
starts tracing the packet contents. 

Notes: 


1. The parameters for the ROUTED command are case sensitive and must be 
entered in lowercase. 


2. You must enter a space between each -t parameter when entering multiple -t 
parameters. 


ROUTED starts the ROUTED.EXE program and runs as a task until you shut down 
the server. 
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Sendmail 


This section describes how to set up the Sendmail environment. 


Setting Up the Sendmail Environment 
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The following steps describe how to set up the Sendmail environment. If you use 
the Installation and Configuration Automation Tool (ICAT) program, the Sendmail 
environment is set up for you. | 


1. SENDMAIL.CF is the configuration file for Sendmail. The SENDMAIL.CF file 
must reside in the ETC directory or the directory specified by the ETC environ- 
ment variable. 


The SENDMAIL.CF file is updated with your specific installation requirements 
during the ICAT installation process for TCP/IP for OS/2. 


Make the following changes to the SENDMAIL.CF file: 
¢ Change the Dw and Cw parameters to reflect your host name. 
e Change the DD parameter to reflect your domain. 


Note: Delete the line concerning the DD parameter if you do not have a 
domain name. 


2. The following subdirectories must reside in the ETC directory or the directory 
specified by the ETC environment variable. 


MAIL The MAIL subdirectory; incoming mail is stored in this direc- 
tory. 
MQUEUE The MQUEUE subdirectory; outgoing mail and temporary 


files are stored in this directory. 


Ensure that the MAIL and MQUEUE subdirectories have been created. 


The following example shows the format of the SENDMAIL command. 





The parameters of the SENDMAIL command are: 


Parameter Description 
-bd Starts Sendmail as a server. 
-qtime Specifies how often the mail queue should be processed. time 


should be entered in the format of number, /etter. The letter. 
s = seconds, m = minutes, h = hours, d = days, 
and w = weeks. 


For example: 


-q30m specifies every 30 minutes 
-qlh30m specifies every hour and 30 minutes. 


Note: A recommended time value is 30 minutes (-q30m). 
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-d Causes detailed debug information to be written to the Sendmail 
console, and creates a SENDMAIL.LOG file in the ETC directory 
that contains the SMTP transactions between the Sendmail server 
and the foreign SMTP server. 


-d1.1 Causes only the SENDMAIL.LOG file to be created in the ETC direc- 
tory. 


For example, to start the Sendmail server with the detailed debug information 
parameter, use: 


[C:/]sendmail -bd -q30m -d 


If you attempt to send mail to a host that is not up and running, Sendmail stores 
(queues) the maii in the MQUEUE subdirectory and continuously resends ihe maii 
after the specified time interval, until the mail is successfully sent. 


After the SENDMAIL program starts, a status message is displayed confirming that 
the program started correctly. 


SENDMAIL.EXE should be run continuously to allow you to send and receive mail. 
To run Sendmail continuously, initiate SENDMAIL.EXE when you bring up the 
system. 


Note: If you stop the Sendmail program while it is sending or receiving mail, files 
can be stranded in the MQUEUE directory. Periodically check the MQUEUE direc- 
tory, and delete old files. 


Using MX Records 
MX records direct the SMTP server to deliver mail to alternative hosts. MX records 
are obtained from the Domain Name Server. If SMTP is not using a name server, 
then MX records are not used. 


For example, if SMTP wants to send mail to USER@HOST, it checks the name 
server for MX records and finds the following: 


HOST MX 0 HOST 
HOST MX 5 HOST-BACKUP1 
HOST MX 10 HOST-BACKUP2 


SMTP delivers the mail to the record (host) that has the lowest count, in this 
example, directly to HOST. If HOST is unable to receive the mail, SMTP then tries to 
deliver it to HOST-BACKUP1. If HOST-BACKUP1 cannot receive the mail, it tries 
HOST-BACKUP2. If none of the hosts can receive the mail, SMTP stores the mail and 
queues it for later delivery, at which time the process is repeated. 


If SMTP does not find MX records for a host, it delivers mail only to the primary 
host. 


For more information about MX records, see RFC 974. 
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Talk ia 


This section describes how to set up the environment and server for Talk. << 


Setting Up the Environment 
To use the TALK command, the originating machine: 


e Must have the HOSTNAME environment variable defined. 


e The host name and the destination host must be defined on an accessible name 
server or in the HOSTS file. 


In addition, the originating host name must also exist in the destination host’s name 
server or HOSTS file. If the destination host cannot resolve the originating host 
name, the following message is generated to the originating host: 





Setting Up the Server 


To use the TALK command, the TALKD server must be running on both the local and 
foreign hosts, to exchange TALK messages. 


To start the server on your local host, type TALKD at an OS/2 command prompt, and 


press the | key. 





The following example shows the format of the TALKD command. r. 





There are no parameters for the TALKD command. 


TALKD starts the TALK.EXE program and runs as a task until you shut down the 
server. 


Telnet 


This section describes how to set up the environment and server for Telnet. 


Setting Up the Environment 


The Telnet server uses Dynamic Link Library (DLL) files to implement the supported 
terminal types. You must specify the path where the DLL files that are used with 
Telnet reside. This path is specified using the LIBPATH statement in your 
CONFIG.SYS file. 


The DLL files are: 


e VT100.DLL 
¢ ANSI.DLL 
¢ DUMB.DLL 


The TELNET.PASSWORD.ID environment variable contains the required password ed 


for the Telnet server. The TELNET.PASSWORD.ID environment variable can be set 
in your CONFIG.SYS file or from an OS/2 command prompt. During login by a 
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Telnet client, the client user is prompted for a password, which is the value of 
TELNET.PASSWORD.ID. The client user must type the value of 
TELNET.PASSWORD.ID as the password to access the Telnet server machine. 


Note: If you make changes to your CONFIG.SYS file, you must reboot your PC to 
activate the changes. 


Setting Up the Server 


TFIP 


To allow Telnet logins to your PC using TCP/IP for OS/2, you must have a Telnet 
server running on your PC. You must also set the environment variable 
TELNET.PASSWORD.ID to a value that connecting Telnet clients are required to 
enter during login. For more information about TELNET.PASSWORD.ID, see 
“Setting Up the Environment” on page 70. 


To start the server on your local host, type TELNETD at an OS/2 command prompt, 


and press the 14, key. 





The following example shows the format of the TELNETD command. 





There are no parameters for the TELNETD command. 


As an alternative, you can start TELNETD using INETD. INETD allows you to start 
multiple servers from an OS/2 session. 


TELNETD starts the TELENETD.EXE program and runs as a task until you shut down 
the server. 


A separate task, Telnet Session, is displayed in the “Task List” window for each 
client that establishes a connection with the Telnet server. 


Note: TELNETD uses functions of OS/2 that support full-screen sessions only. Asa 
result, the remote logon client must only run full-screen applications. Presentation 
Manager applications cannot be executed remotely. 


This section describes how to set up the TFTP server. Restricting access to files is 
also described. The TCP/IP for OS/2 program is implemented with both client and 
server support for TFTP. 


To use TFTP, a server must be running on the foreign host. 


Setting Up the Server 


To start th 
press the 





er on your local host, type TFTPD at an OS/2 command prompt, and 
key. 





The following example shows the format of the TFTPD command. 





Chapter 6. Manually Setting Up the TCP/IP Servers 71 


72 


There are no parameters for the TFTPD command. 


As an alternative, you can start TFTPD using INETD. INETD allows you to start mul- 
tiple servers from an OS/2 session. 


TFTPD starts the TFTPD.EXE program and runs as a task until you shut down the 
server. 


Restricting Access to Files or Directories 
The following example shows the format of the TFTPD command to specify access to 
a particular path. 





The only parameter of the TFTPD command is: 


Parameter Description 
path Specifies the path for which you are granting access to the TFTP 
client. 


The following example shows the format of the TFTPD command specifying access 
for TFTP clients to the \TEMP directory on the C drive. 





The value of the parameter is used as a prefix for all file names specified by the 
PUT and GET subcommands. If you request a GET or PUT operation, specifying a 
file name of xxx.aaa, the resulting GET or PUT is for the file xxx.aaa in the \TEMP 
directory on the C drive. 


If you specify the TFTPD command, as shown in the following example, and request 
a GET or PUT operation for the file xxx.aaa, the resulting GET or PUT would be for 
the file TEMPxxx.aaa on the C drive. 





If you start the TFTPD server with the TFTPD path parameter, all TFTP clients are 
restricted to the specified path. The TFTP clients do not have access to files on any 
other path. 
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Chapter 7. Installing and Customizing Network Management 
Components 


This chapter describes how to install and customize the components of TCP/IP for 
OS/2 that are used to manage your TCP/IP network. 


Overview of Network Management Functions 


TCP/IP for OS/2 provides the following functions to assist you in managing your 
TCP/IP Network. 


¢ Simple Network Management Protocoi (SNMP) ciient is the network manager. 
¢ SNMP Agent is the network element being managed. 
¢ The Network Monitor (PMPING), which continuously verifies that a list of hosts 


can be reached using echo requests (PING). 


A complete SNMP configuration involves both the OS/2 SNMP client and the OS/2 
SNMP agent. In addition, other IBM and non-IBM SNMP clients and agents may 
need to be configured. For an overview of the SNMP and PMPING, see /BM TCP/IP 
Version 1.2 for OS/2: User’s Guide. 


Summary of Commands 
The commands that are available for each function are: 
¢ SNMP Client 
— SNMPGRP to retrieve a group of management information variables 
— SNMP GET to retrieve a single management information variable 


— SNMP NEXT to retrieve a single management information variable from a 
table 


— SNMPTRAP to receive unsolicited notification of network events from SNMP 
agents 


¢ SNMP Agent 
— SNMPD to start the SNMP agent 
¢ Network Monitoring 
— PMPING to display the status of a group of user defined hosts. 


For a description of these commands and information about their usage, see /BM 
TCP/IP Version 1.2 for OS/2: User’s Guide. 


Other network management functions that are provided with OS/2 TCP/IP include 
ARP, FINGER, NETSTAT, and PING. These functions do not require any 
customization. For a description of these functions and their command usage, see 
IBM TCP/IP Version 1.2 for OS/2: User’s Guide. 
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Setting Up SNMP (Simple Network Management Protocol) - Summary 


The following is a summary of the steps needed to configure SNMP. 


OS/2 SNMP Client 
¢ Modify the MIB2.TBL file to include any vendor specific MIB variables. 


To manage other hosts using SNMP, an SNMP agent must be installed and oper- 
ational. Specifically: 


— Toretrieve management information from SNMP agents, you must know the 
host name (or IP address) and community name of the agent. 


— To receive TRAPs from SNMP agents, you must configure the agent to 
forward these TRAPs to the OS/2 SNMP client. 


OS/2 SNMP Agent 
¢ Modify the CONFIG.SYS file for the MIB variables SYSCONTACT and 
SYSLOCATION. 


Configure the Community Name(s) for the Agent 
e Create the PW.SRC file that contains the agent’s community name(s). 
¢ Scramble the PW.SRC file using MAKE_PW to produce the SNMP.PW file. 


e Move the scrambled file to the directory defined by the ETC environment vari- 
able. 


Configure the Destination(s) to which TRAPs are sent 


e Create the SNMPTRAP.DST file which contains a list of the SNMP client(s) to 
which TRAPs will be sent. 


Other SNMP Agents 

To manage agents other than OS/2 SNMP agents, those agents must be configured 
with a community name and set up to send TRAPs to your OS/2 SNMP client. This 
procedure depends on the particular SNMP agent you are managing. See the doc- 
umentation accompanying your SNMP agent. For example, to send TRAPs from the 
IBM VM SNMP agent to your OS/2 SNMP client: 


¢ Create the file SNMPTRAP DEST on the VM host. 
e Specify your OS/2 SNMP client host name or IP address in this file. 


Other SNMP Clients 

To manage your OS/2 SNMP agent from a client other than an OS/2 SNMP client, 
configure the OS/2 SNMP agent as described in “Installing and Configuring the OS/2 
SNMP Agent” on page 82. See the documentation accompanying your SNMP client 
for setup information. 


Setting Up the Network Monitor (PMPING) - Summary 


The following is a summary of the steps needed to configure PMPING. 


e Modify the PINGHOST.LST file to contain the IP address and information to be 
displayed for each host you want to monitor. 
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Installing and Configuring the SNMP Client 


This section describes how to set up the environment for the SNMP client. 


Management Information Base (MIB) 


The Management Information Base (MIB) defines management information obtained 
from SNMP agents. The MIB defines objects such as the description of the system 
being managed, packets received in error, and the status of an interface. 


MIB objects can be described in two ways: 


¢ Using an English-like textual notation. For example - sysDescr (system 
description) 


¢ Using Abstract Syntax Notation.1 (ASN.1). For example - 1.3.6.1.2.1.1.1.0 is the 
ASN.1 equivalent of sysDescr. 


Requests to obtain the value of a MIB object are sent to an SNMP agent using ASN.1 
notation. 


Some of these MIB objects are members of a table. For example, the Interfaces 
Table is a two dimensional array of MIB objects related to the interfaces installed. 
This array contains information such as the description of each interface and the 
speed of each interface. There can be several instances of a particular object within 
the table. For example, there would be a description of interface number 1, inter- 
face number 2, and so on. 


Some MIB objects are scalars. That is, there is only one instance of that particular 
object. For example, there is only one system description. 


Logically related MIB objects are placed into groups. A group can contain both 
scalars and tables. For example, the Interfaces Group contains a scalar (the object 
ifNumber, which is the number of interfaces present) and a table (the Interfaces 
Table). 


For more information about MIB, see Appendix D, “Management Information Base 
(MIB) Objects.” 


Setting Up the Environment 


The MIB2.TBL File 
During installation, the MIB2.TBL file is placed in the directory defined by the ETC 
environment variable in your CONFIG.SYS file. 


Several of the SNMP commands use the MIB2.TBL file. This file defines the 
mapping between an object’s ASN.1 notation and an object’s textual notation. When 
you issue an SNMP GET command, and specify the object name using the textual 
description, for example sysDescr, the OS/2 SNMP client looks for that object in the 
MIB2.TBL file and uses the corresponding ASN.1 notation in the SNMP request to an 
SNMP agent. 


The MIB2.TBL file for the OS/2 SNMP client contains the textual names as defined in 
RFC 1213. A copy of this file is contained in Appendix E, “MIB2.TBL File: MIB-II 
Objects.” Each line in this file has the following format: 


textual_name asn.1_name syntax 
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For example: 
sysDescr 1336.4 2221915120 display 


Each field in the line must be separated by one or more spaces. The fields 
textual_name and asn.1_name correspond to the English-like textual notation and 
ASN.1 notation previously described. 


The syntax field is the data type of the MIB object and has the value of display, 
object, number, counter, ticks, gauge, string, or internet. This syntax is defined in 
RFC 1155. 


You can add entries to the MIB2.TBL file. Entries do not have to be in a specific 
sequence, but each entry must start on a new line. 


Modify this file as needed for vendor-specific MIB objects, and save the new file in 
the directory defined by the ETC environment variable in your CONFIG.SYS file. 


Note: You must modify the MIB2.TBL file only if you are managing SNMP agents 
that have objects that are not defined in RFC 1213. 
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This section describes information about how to modify the MIB2.TBL file. The 
MIB2.TBL file, which was installed in the directory specified by your ETC environ- 
ment variable, contains all of the MIB objects as defined in RFC 1213. 


Before adding MIB objects to the MIB2.TBL file, you should have the following 
information: 


e¢ The textual name for each object (for example, sysDescr) 
¢ The ASN.1 notation for each object (for example, 1.3.6.1.2.1.1.1.0) 
e The syntax (data type) of each object (for example, display). 


See Appendix E, “MIB2.TBL File: MIB-Il Objects” for a copy of this file. 


The format of each line in the MIB2.TBL file is: 


textual_name  asn.1_name syntax 


The Textual Name Field 
The textual name field contains the name of the MIB object that is entered by the 
end user. 


You can modify the textual names of the MIB objects in your MIB2.TBL file and still 
have the agent respond properly. For example, you could change sysDescr to 
systemDescription. As long as the asn.1_name field is correct, the value requested 
is correct. 


Note: To remain consistent with the conventions in the MIB-II RFC, do not change 
these names. 


The ASN.1 Name Field 
This field represents the object identifier, in ASN.1 notation, of the MIB object. This 
value is sent to the SNMP agent during a SNMP GET or SNMP NEXT request. 


For those MIB objects that are scalars (unique), the value in this field must end with 


.0. The following is the entry for the scalar MIB object sysDescr in the MIB2.TBL 
file. 
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sysDescr 1.3.6.1.2.1.1.1.0 display 


If a scalar MIB object does not have the .0 suffix present, many SNMP agents 
respond with no such name when a request is made to obtain the value of that object. 


For those MIB objects which are members of a table, the value in the asn.1_name 
field must end with x., where x is a digit. For example, the entry for the MIB object 
ifindex (from the Interfaces Table) in the MIB2.TBL file is: 


ifIndex 1.3.6.1.2.1.2.2.1.1. integer 


If the trailing . (period) is left off, the request sent to the agent is not formatted prop- 
erly and can result in a response of no such name. 


The Syntax Field 
The syntax of an object defines the data type of the object. It identifies the structure 
corresponding to object types. For a complete description of all data types and their 
meanings, see RFC 1155. 
There are eight main data types: 

e Integer 


A 32 bit numeric value. 


Octet String 


A string of octets. Each byte in an octet string can take any value from 0 to 255. 


Object Identifier 


An authoritative identification of an object. This is the ASN.1 notation. 


NetworkAddress 


This data type represents an address from a protcol family. The Internet family 
is the only protocol currently supported. Because of this, NetworkAddress is 
equivalent to IpAddress. 


lpAddress 


The IpAddress is a 32-bit internet address, represented as a string of eight com- 
ponents (octets) each with a length four bytes, in network byte order. 


e Counter 


This data type represents a nonnegative integer that increases by one until it 
reaches a maximum value, at which time it resets to zero and starts increasing 
again. 


e Gauge 


This data type represents a nonnegative integer that can increase or decrease, 
but which latches at a maximum value. 


e TimeTicks 
This data type represents a nonnegative integer that counts the time in 
hundreths of a second since some event. 
In addtion to the data types listed previously, the MIB-II RFC defines two additional 
data types: 
e DisplayString 
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This data type is the same as an octet string, but is limited to the ASCII character 
set. It contains human readable characters. 


PhysAddress 


This data type is an octet string used for hardware addresses. 


Data Types Used in the MIB2.TBL File 

This section describes the correspondence between data types, as defined in the 
RFCs and the types supported by the MIB2.TBL file (and used by the SNMP GET and 
SNMP NEXT commands). When adding new objects to the MIB2.TBL, these are the 
values that should be used in the syntax field: 


Integer 


For integer objects, use number in the MIB2.TBL syntax field. An example ofa 
MIB2.TBL entry with number in the syntax field is: 


ifNumber 1.3.6.1.2.1.2.1.0 number 
Octet String and PhysAddress 


For Octet String objects and PhysAddress objects, use string in the MiB2.TBL 
syntax field. An example of a MIB2.TBL entry with string in the syntax field is: 


ifPhysaddress 1.3.6.1.2.1.2.2.1.6 string 
Object Identifier 


For Object Identifier objects, use object in the MIB2.TBL syntax field. An 
example of a MIB2.TBL entry with object in the syntax field is: 


sysSObjectID 1.3.6.1.2.1.1.2.0 object 
NetworkAddress and ipAddress 


For NetworkAddress and IpAddress objects, use internet in the MIB2.TBL syntax 
field. An example of a MIB2.TBL entry with internet in the syntax field is: 


ipRouteDest 1.3.6.1.2.1.4.21.1.1 internet 
Counter 


For Counter objects use counter in the MIB2.TBL syntax field. An example ofa 
MIB2.TBL entry with counter in the syntax field is: 


ifInOctets 1.3.6.1.2.1.2.2.1.10 counter 
Gauge 


For Gauge objects use gauge in the MIB2.TBL syntax field. An example of a 
MIB2.TBL entry with gauge in the syntax field is: 


iSpeed 1.3.6.1.2.1.2.2.1.5 gauge 
TimeTicks 


For TimeTicks objects use ticks in the MIB2.TBL syntax field. An example of a 
MIB2.TBL entry with ticks in the syntax field is: 


sysUptime 1.3.6.1.2.1.1.3.0 ticks 
DisplayString 


For DisplayString objects use display in the MIB2.TBL syntax field. An example 
of a MIB2.TBL entry with display in the syntax field is: 


sysDescr 1.3.6.1.2.1.1.1.0 display 
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Your CONFIG.SYS File 

Verify that your CONFIG.SYS file contains a PATH entry for the SNMP executable 
(EXE) files. During installation the SNMP executables and other TCP/IP executables 
are installed in the directory of your choice. 


Verify that your CONFIG.SYS file contains a LIBPATH entry for the ISODEDLL.DLL 
file. 


Verify that your CONFIG.SYS file contains an ETC entry. If there is no ETC entry, 
C:\ETC is the default. 


Starting SNMPREQD 


You must start the SNMPREQD program before invoking any of the SNMP com- 
mands. This can be done in several ways. 





¢ From the OS/2 command prompt type START SNMPREQD and press the key. 
The OS/2 START command starts a program in another session. See the OS/2 
Commands Reference for more information about the START command. 


¢ Modify or create the file STARTUP.CMD to contain the line 
START "SNMPREQD" SNMPREQD 
STARTUP.CMD is a batch file that is the first session started by OS/2. 


Display the OS/2 Task List and verify that ee . an ie SNMPREQD. The OS/2 


ee ae 


Task List can be displayed by pressing the =: | | and ES e keys, or by pressing the 


eet 
right mouse button on an unused area of the screen. 





SNMPREQD runs as a task until explicitly stopped. 


Verifying Your Setup—Invoking tre OS/2 SNMP Client Commands 


You can invoke the OS/2 SNMP client commands after the environment has been 
established and SNMPREQD is running. 


For a detailed description of the OS/2 SNMP commands’ syntax and usage, see /BM 
TCP/IP Version 1.2 for OS/2: User’s Guide. 


The following examples are shown to allow a quick verification that SNMP was 
installed properly. The examples assume that an SNMP agent is installed and oper- 
ational with the following parameters: 


¢ SNMP agent host name is quicktest 
¢ SNMP agent community name is green 


The examples also assume that the SNMP agent supports the MIB objects sysDescr 
and ifIndex, and has been properly configured to send the authentication failure 
TRAP to your OS/2 SNMP client. 


If an SNMP agent is not available, stop, and install the OS/2 SNMP agent on your 
PC. See “Installing and Configuring the OS/2 SNMP Agent” on page 82. 
The following is a list of OS/2 SNMP client commands: 

¢ SNMPGRP 


The SNMPGRP command is used to retrieve an entire group of MIB objects. 
Using the example information, at the OS/2 command prompt, type 


snmpgrp quicktest green sys 
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and press . The SNMP agent should respond with all of the supported 
objects in the System group. 


e¢ SNMP GET 


The SNMP GET command is used to retrieve an individual MIB object. Using the 
example information, at the OS/2 command prompt, type 


snmp get quicktest green sysDescr 





and press . The SNMP agent should respond with the value of sysDescr, 
the system description. 


SNMP NEXT 


The SNMP NEXT command is used to retrieve an individual MIB object from a 
table. Using the example information, at the OS/2 command prompt, type 


Snmp next quicktest green ifIndex.0 





and press . The SNMP agent should respond with the value for the first 
instance of ifIndex, which is 1. 


SNMPTRAP 


The SNMPTRAP command is used to display unsolicited TRAPs from an SNMP 
agent. Using the example information, at the OS/2 command prompt, type 


Start snmptrap 





and press . After the SNMPTRAP program window appears, select 
Get_Traps from the menu bar, and then select Start. At an OS/2 command 
prompt, type 


snmp get quicktest red sysDescr 


and press . Because red is an incorrect community name, the SNMP 
agent should respond with an authentication failure TRAP, which is displayed on 
the SNMPTRAP window. 





What to Do if there Is no Response from the SNMP Agent 
If the agent does not respond to queries from the OS/2 SNMP client, check the 
following: 


¢ Can you reach the host? Try to ping the host using PING. 
e Is the agent operational? 
e Is the community name you used correct? 
¢ Does the agent support the MIB objects you used? 
If the authentication failure TRAP was not displayed, check the following: 
¢ Is the agent configured to send TRAPs to your OS/2 SNMP client? 
¢ Does the agent support the authentication failure TRAP? 


¢ Is the community name you used incorrect? To generate this TRAP, you should 
use an incorrect community name. 


Installing and Configuring the OS/2 SNMP Agent 
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This section describes how to install and configure the OS/2 SNMP agent. 
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Setting Up the Environment 
To set up the environment for the SNMP agent, you must do the following: 


¢ Define the values for two MIB objects by modifying your CONFIG.SYS file. 


e Define a community name for this agent by creating and scrambling the PW.SRC 
file. 


¢ Define a list of SNMP clients that are sent TRAPs generated by the OS/2 SNMP 
agent, by creating the SNMPTRAP.DST file. 


Modifying Your CONFIG.SYS File 
To modify your CONFIG.SYS file, you must define values for the following two MIB 
objects. 


¢ SYSCONTACT 
¢ SYSLOCATION 


You define these MIB objects by using the OS/2 SET command to set the value of 
two environment variables, SYSCONTACT and SYSLOCATION. 


The following example shows the format of the SET command. 





SYSCONTACT contains information about a contact person for this managed node, 
along with information about how to contact the person. For example, if Bill Smith 
at telephone extension 389 is the contact person for this node, the CONFIG.SYS con- 
tains the entry: 


SET SYSCONTACT=B. Smith, Extension 389 


SYSLOCATION contains the physical location of this node. For example, if the node 
is physically located in Raleigh, Building 503, Room A145, on the floor tile K-19, the 
CONFIG.SYS contains the entry: 


SET SYSLOCATION=Raleigh, Bldg. 503, Room Al45, Tile K-19 


After modifying your CONFIG.SYS, you must reboot your PC for the changes to take 
effect. 


TRAPs 


TRAPs are unsolicited notifications of network-significant events that are sent from 
an SNMP agent to an SNMP client. For a description of TRAPs, see /BM TCP/IP 
Version 1.2 for OS/2: User's Guide. 


The SNMPTRAP.DST file determines the client(s) that are to be sent the TRAPs gen- 
erated by the OS/2 SNMP agent. The following describes how to set up the 
SNMPTRAP.DST file. 


1. Create a file called SNMPTRAP.DST in the directory defined by the ETC environ- 
ment variable in your CONFIG.SYS file. 


2. The SNMPTRAP.DST file has a list of clients who are sent TRAPs, and identifies 
User Datagram Protocol (UDP) as the transport protocol used to send TRAPs. 
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The format of each line in the SNMPTRAP.DST file is: hostname UDP 


The following is an example of the contents of an SNMPTRAP.DST file containing 
multiple entries. 


124.34.216.1 UDP 
Manager2 UDP 


Creating a Community Name File 

SNMP agents respond to requests for information from remote SNMP clients or 
network management stations. The community name is the authentication mech- 
anism used by the SNMP to verify that a request for information is valid. A commu- 
nity name is similar to a password. Each request sent to the OS/2 SNMP agent must 
be accompanied by the correct community name. If a request is received with an 
incorrect community name, an authentication failure TRAP is sent to the SNMP 
clients listed in the SNMPTRAP.DST file. 


In addition, the OS/2 SNMP agent has a protection mechanism to hide the informa- 
tion in the community name file so that it cannot be viewed. The information con- 
tained in the community name file, PW.SRC, is scrambled to prevent someone with 
access to the community name file from obtaining the actual community names. 


The actual community names should reside in an unscrambled format in a master 
file on a secure host. 


The following describes how to create a protected community name file. 


1. Verify that there is an entry in your CONFIG.SYS to SET the HOSTNAME environ- 
ment variable, SET HOSTNAME = hostname. Add this line if it is not present. 


2. Create the PW.SRC file in the directory where the SNMP executable (EXE) files 
are installed by ICAT. 


3. The format of each line in the PW.SRC file is: 
community_name desired network snmp_mask 


The following is an example of the contents of a PW.SRC file containing multiple 
entries. 


passwdl 9.0.0.0 255.0.0.0 
passwd2 129.34.81.22 255.255.255.255 


When a request is received from an SNMP client, the community name received 
is checked against the entries in the PW.SRC file. If the community name 
received does not match any of the entries listed in the PW.SRC file, an 
AUTHENTICATION FAILURE TRAP is sent, provided that a destination entry 
exists in the SNMPTRAP.DST file. If the community name received matches an 
entry in the PW.SRC file, the originating IP address of the incoming SNMP 
request is logically ANDed with the snmp_mask. The result of the logical 
ANDing process is compared with the desired_network, and if they are equal, the 
request is accepted. This allows the agent to accept requests only from certain 
clients which can have different community names. 


Using the previously described PW.SRC file as an example: assume a request 
from an SNMP client at IP address 9.34.22.122 is received and the correct com- 
munity name of passwdl was used by the manager. The IP address 9.34.22.122 
is ANDed with 255.0.0.0. The result is 9.0.0.0, which equals the specified 
desired_network and the request is valid. 
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Looking at the second entry of the example PW.SRC file, a request that contains 
the community name passwd2 is only accepted from the SNMP client at host 
129.34.81.22. lf a request is received from any other client with the passwd2 
community name, an authentication Failure TRAP is sent. A desired_network 
and snmp_mask of all zeros allows any host with the correct community_name to 
make requests. 


4. Execute the MAKE PW program. At the OS/2 command prompt, type MAKE PW 
and press | This program creates the scrambled SNMP.PW file. 





5. Copy the SNMP.PW file to the directory defined by the ETC environment variable 
in your CONFIG.SYS file. 


To protect a remote SNMP agent, SNMP.PW should be created at a secure 
location and then sent to the remote host for inclusion in the ETC directory. 


Starting the SNMP Agent 


Before starting the OS/2 SNMP agent, the SNMPREQD program must be running. 
See “Starting SNMPREQD” on page 81. 


SNMPD starts the OS/2 SNMP agent. There are several ways to start the OS/2 
SNMP agent (SNMPD): 





¢ From the OS/2 command prompt, type START SNMPD and press the 
The OS/2 START command starts a program in another session. See /BM OS/2 
Commands Reference for more information. 


e Modify or create the file STARTUP.CMD to contain the line: 
START "SNMPD" SNMPD 
STARTUP.CMD is a batch file that is the first session started by OS/2. 


Note: The entry to start SNMPD must come after the entry to start SNMPREQD in 
your STARTUP.CMD file. 


Display the OS/2 Task List and verify that there is an entry SNMPD. The OS/2 Task 
List can be displayed by pressing the keys, or by pressing the right 
mouse button on an unused area of the screen. 





SNMPD runs as a task until explicitly stopped. 


Verifying your OS/2 SNMP Agent Setup 

When the environment is established and SNMPREQD is running, the OS/2 SNMP 
agent responds to requests for management information and sends TRAPs to SNMP 
clients. To verify the agent setup, you need an SNMP client to issue these requests 
and display the results, and which also displays TRAPs. If an SNMP client is not 
available, stop, and install the OS/2 SNMP client on your PC. When the client instal- 
lation is done, see “Verifying Your Setup—Invoking the OS/2 SNMP Client 
Commands” on page 81 to verify that the SNMP agent was set up properly. 


Monitoring Your Network Using PMPING 


PMPING is a Presentation Manager (PM) program that displays the status of a user 
defined list of hosts using ICMP echo requests (PING). The PINGHOST.LST file con- 
tains the lists of hosts to be monitored. 
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Setting Up the Environment 


During installation, a sample PINGHOST.LST file is placed in the directory defined 
by the ETC environment variable in your CONFIG.SYS file. 


This table defines a list of hosts to be continuously monitored and a description of 
the host. The following example shows the format for the PINGHOST.LST file. 


host_ip_address description 
The following is an example of multiple entries in the PINGHOST.LST file. 


9.67.30.100 **Nameserver-Call_Dan 
9.67.22.1 RALVMM_via_3172-Call_IS 
# This is a comment line. 


Each field in the line must be separated by one or more spaces. The 
host_ip_address field is the IP address of the host being monitored. The description 
field is up to forty characters of comments that are displayed. A line with “#” 
starting in column 1 will be treated as a comment. Spaces are not allowed in the 
description field. 


You can list up to 300 hosts (entries) in the PINGHOST.LST file. Each entry must 
start on a new line, and the entries do not have to be in a specific sequence. 


Modify the sample file for your network and save the new file in the directory 
defined by the ETC environment variable in your CONFIG.SYS file. 


Your CONFIG.SYS File 

Verify that your CONFIG.SYS contains a PATH entry for the PMPING executable 
(EXE) file. During installation, the PMPING executable and other TCP/IP executa- 
bles are installed in the directory of your choice. 


Verify that your CONFIG.SYS contains a ETC entry. If there is no ETC entry, C:\ETC 
is the default. 


Starting PMPING—Verifying Your Setup 
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When the environment is established you can start the the PMPING program. This 
can be done in one of several ways: 


e From the OS/2 command prompt, type START PMPING and press the key. 
The OS/2 START command starts a program in another session. For more infor- 
mation about the START command, see /BM OS/2 Commands Reference. 





¢ Modify or create the file STARTUP.CMD to contain the line 
START PMPING 
STARTUP.CMD is a batch file that is the first session started by OS/2. 
Display the OS/2 Task List and verify th 


List can be displayed by pressing the | 
mouse button on an unused area of the screen. 





entry PMPING. The OS/2 Task 
keys, or by pressing the right 





PMPING runs as a task until explicitly stopped. 


From PMPING window, select Ping all from the Menu bar, and then select Start. 
The list of hosts you defined appears in the PMPING window with their status. 


To verify correct operation, make one of the hosts unreachable from your PC and 
ensure that the line corresponding to the unreachable host turns red in the PMPING 
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window. Reestablish connectivity and ensure that the host turns back to black in the 
PMPING window. 


For a description of the other options available on the Menu bar, see /BM TCP/IP 
Version 1.2 for OS/2: User’s Guide. 
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Chapter 8. Installing the Network File System Client 


This chapter describes how to install the Network File System (NFS) client, and pro- 
vides information about how to mount a remote NFS server for OS/2, AIX, VM, and 
MVS operating systems. 


Setting Up Your Local Host 


Because the OS/2 NFS client is built on the OS/2 Installable File System (IFS) base, 
an IFS statement must exist in the CONFIG.SYS file of the machine on which the 
client runs. If you allow ICAT to modify your CONFIG.SYS file, ICAT adds the state- 
ment for you. 


If you do not allow ICAT to modify your CONFIG.SYS file, then you must add the IFS 
statement to your CONFIG.SYS file. For example, if you are installing TCP/IP for 
OS/2 in the C:\TCPIP directory, the IFS statement is: 


IFS=C:\TCPIP\BIN\NFS.IFS 


Setting Up the Environment 
You can add SET commands to your CONFIG.SYS file when you add the IFS state- 
ment, to set defaults for the UNIX.UID, UNIX.GID, NFS.PERMISSION.BITS, 
NFS.PERMISSION.DBITS, and HOSTNAME environment variables. 


Note: The environment variables depend on the type of access, and the type of 
server to which the client is communicating. 


The environment variables are: 
Environment Variable Description 


UNIX.UID MOUNT can use the UNIX.UID environment variable to 
identify the client’s user ID on UNIX systems. The NFS 
server uses the user ID vaiue and the group ID value for 
permission checking. If these values are not set, MOUNT 
may prompt you to enter them. 


UNIX.GID MOUNT can use the UNIX.GID environment variable to 
identify the client’s group ID on UNIX systems. The NFS 
server uses the group ID value and the user ID value for 
permission checking. If these values are not set, MOUNT 
may prompt you to enter them. 


Note: For security reasons, you should not set UNIX.UID 
and UNIX.GID in the CONFIG.SYS file, and instead let 
mount prompt you for them. 


NFS.PERMISSION.BITS | The NFS Control Program (NFSCTL) uses the 
NFS.PERMISSION.BITS variable as the value, in octal, 
for UNIX permission bits when creating a file. The 
NFS.PERMISSION.BITS variable can also apply to 
non-UNIX servers, depending on the server implementa- 
tion. For more information, see the documentation for 
the server you are using. 
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NFS.PERMISSION.DBITS The NFS Control Program (NFSCTL) uses the 
NFS.PERMISSION.DBITS variable as the value, in octal, 
for UNIX permission bits when creating a directory. If 
this variable is not set, NFSCTL uses the value for 
NFS.PERMISSION.BITS when creating a directory. The 
NFS.PERMISSION.DBITS variable can also apply to 
non-UNIX servers, depending on the server implementa- 
tion. 


HOSTNAME The NFS Control Program (NFSCTL) uses the 
HOSTNAME variable to identify the client requesting 
access to the server. 


TZ The NFS Control Program (NFSCTL) uses the TZ environ- 
ment variable to determine the correct date and time 
associated with a file. For more information about the TZ 
environment variable, see “The TZ Environment 
Variable.” 


You are ready to start the NFS client after you complete the following steps: 
e The IFS statement has been added to your CONFIG.SYS file. 
¢ The applicable environment variables have been set. 


e You have rebooted the machine, so that the CONFIG.SYS file changes take 
effect. 


The TZ Environment Variable 

You must set the TZ environment variable, which is used to determine the correct 
date and time for clients located in different time zones. The TZ environment vari- 
able contains a string that has the abbreviation for your time zone, and the number 
of hours your time zone differs from Greenwich Mean Time (GMT). 


The following example shows the format for the TZ environment variable. 





The parameters of the TZ environment variable are: 


Parameter Description 
XXX The three-character label for your time zone. 
n The number of hours your time zone differs from GMT. If you 


are east of GMT, put a minus sign (-) before the number. If 
you are west of GMT, you can optionally put a plus sign (+) 
before the number. The rn value ranges from -12 to + 12. 


yyy The three-character label for your time zone when in daylight 
savings time. If you do not observe daylight savings time, 
leave this parameter blank. 


Note: The default for the TZ environment variable is Eastern Standard Time (EST). 


The following are examples of the TZ environment variable for different time zones. 
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Example Description 


EST5EDT For the eastern coast of the United States. The time zone 
label is EST when daylight savings time is not in effect. When 
daylight savings time is in effect, the time zone is EDT. 
During standard time there is a five hour difference between 
local time and GMT. 


CST6CDT For the central time zone of the United States. The time zone 
label is CST when daylight savings time is not in effect. 
When daylight savings time is in effect, the time zone is CDT. 
During standard time there is a six hour difference between 
local time and GMT. 


MST? For the mountain time zone of the United States. The time 
zone label is MST. Daylight savings time is not observed. 
During standard time there is a seven hour difference 
between local time and GMT. 


PST8PDT For the western coast of the United States. The time zone 
label is PST when daylight savings time is not in effect. When 
daylight savings time is in effect, the time zone is PDT. 
During standard time there is an eight hour difference 
between local time and GMT. 


The TZ environment variable should be included in your CONFIG.SYS file. You can 
let ICAT make this modification for you during configuration. If you change the TZ 
environment variable, reboot your PC so that the change takes effect. 


Starting the NFSCTL Program 


The NFS Control Program (NFSCTL) is an application that communicates with the 
NFS IFS driver. The NFS Control Program (NFSCTL) must be running to mount a 
remote file system as a local drive. 


To start the control program, a REXX file called NFSC.CMD is supplied with TCP/IP 
for OS/2. The parameters of the REXX file are identical to the parameters for 
NFSCTL. You can invoke the REXX file by typing NFSC followed by the parameters 
at an OS/2 command prompt. When you require special configuration of the client 
control program, you can either use the NFSCTL program directly, or modify the 
NFSC.CMD file. 


Using NFSSTART 


NFSSTART is a command file, written in REXX, which starts the NFS client and auto- 
matically mounts entries that are in the FSTAB file. You can use NFSSTART with 
the FSTAB file when you have a set of servers that you have to mount every day to 
avoid mounting each one manually. 


The following example shows the format of the NFSSTART command. 
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The parameters of the NFSSTART command are: 
Parameter Description 


etc_dir The base directory for the FSTAB file. If not speci- 
fied, the value of the ETC environment variable is 
used as the etc_dir. 


nfsctl_ parameters The parameters to be passed to the NFS Control 
Program (NFSCTL). 


lf FSTAB does not exist, then using the NFSSTART.CMD file is the same as using the 
NFSC.CMD file. 


Interfacing with ICAT 

ICAT edits the STARTUP.CMD file for you and adds a call to the TCPSTART.CMD 
file, which starts the services (and other programs) that you selected during the con- 
figuration phase of ICAT. The entry added for NFS is a call to NFSSTART with any 
parameters you specified on the ICAT services screen. 


The FSTAB File 


The FSTAB file specifies the NFS servers that are mounted automatically when your 
machine is booted. The FSTAB file contains two types of commands: MOUNT and 
MVSLOGIN. For more information about the MOUNT and MVSLOGIN commands, 
see /BM TCP/IP Version 1.2 for OS/2: User’s Guide. 


To enter comments into the FSTAB file put a pound sign (#) in front of the comment 
to be added. For example: 


MOUNT -u -g o: 0S2:d:\ #mount an OS/2 machine 
MOUNT -v v vml:diska.191,userid=myid,ro #mount a vm disk 

# mount a Risc System/6000 machine 

us aixl:/u/shawnna 


Note: When you enter a MOUNT command in the FSTAB file, you can omit the word 
“MOUNT”, as in the previous example. 


Stopping the NFSCTL Program 
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Because the NFSCTL program runs at a low level of the operating system, you must 
use the following method to stop the NFSCTL program. 


1. While in the NFSCTL window, press the | 





| key and @ 


lf there are no NFS drives currently mounted, the NFS client Control Program 
stops after a few minutes. 


key simultaneously. 


see 


2. lf any NFS drives are mounted, the control program notifies you, and does not 
stop. To stop the control | 
UMOUNT, and press the | 


See /BM TCP/IP Version 1.2 for OS/2: User’s Guide for information on how to deter- 
mine the drives that are still mounted using the QMOUNT command. 





If you cannot unmount all mounted drives, the preferred alternative method to stop 
the NFSCTL program is: 


1. From the Task List, highlight the NFS Control Program entry, and select End 
Task. A dialog box appears, informing you that the session selected still con- 
tains an active program, and asks if you want to close the session anyway. 


2. Select Yes to stop the NFS Control Program. 
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Note: Stopping the control program without unmounting all NFS drives can cause 
unpredictable results in applications accessing a mounted drive. 


Mounting a Remote NFS Server 


This section provides guidelines about how to mount a remote NFS server for 
common operating systems (for example, UNIX, VM, and MVS). For more informa- 
tion, see the documentation for the NFS server that you are using. 


Note: The MOUNT command varies, depending on the NFS server that you are 
attempting to mount. When you invoke the MOUNT command, the client passes the 
last portion to the server without any modifications. The server interprets the 
requested action of the client. See the specific NFS server documentation to deter- 
mine the information that the server expects from the client on a mount request. 


OS/2 NFS Servers 


To mount a directory on an OS/2 NFS server, you must export the OS/2 file system 
by adding an entry to the ETC\EXPORTS file on the server machine. The entry must 
specify the mount point, which is the directory to be exported. 


The OS/2 NFS server allows you to specify hosts that can have access and specify 
the type of access. Your user name, password, and the HOSTNAME environment 
variable, which are specified on the client machine, are sent to the server to deter- 
mine if a client can mount a particular directory and, if so, with what type of access. 


The following steps describe how to mount a directory on an OS/2 machine. 
Note: In the following steps: 


e The client machine is an OS/2 machine, with the host name andrew 

e The server machine is a OS/2 machine, with the host name christy 

¢ The mount directory is e:\ftppm 

1. Set your HOSTNAME at the client, as shown in the following example: 
os/2>SET HOSTNAME=ANDREW 


2. Start the NFS Control Program (NFSCTL), if it is not running, with the following 
command: 


os /2>NFSC 
3. Determine if the e:\ftppm directory has been exported for you to mount by using 
the show exports (SHOWEXP) command, as shown in the following example: 


os /2>SHOWEXP CHRISTY 
export list for CHRISTY: 


e:\ftppm andrew 

c:\tools 

If the SHOWEXP CHRISTY command responds with: 
e:\ftppm andrew 

or: 

e:\ftppm everyone 


you are ready to mount the e:\ftppm directory. If the SHOWEXP CHRISTY 
command does not show e:\ftppm being exported to your machine, you must add 
it to the ETC\EXPORTS file on CHRISTY. For more information about the 
EXPORTS file, see “The EXPORTS File” on page 104. 
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4. Mount the remote directory as an unused drive, as shown in the following 
example: 


os/2>MOUNT -u -g z: CHRISTY:E:\FTPPM 
mount: CHRISTY:E:\FTPPM 


AIX NFS Servers 


To mount a directory on a RISC System/6000- machine with AIX version 3.0, you 
must export the file system to your OS/2 machine. To do this, add an entry in the 
/etc/exports file on the server machine. The entry must specify a mount point, 
which is the directory to be exported, and can optionally specify a set of hosts that 
have access. 


The HOSTNAME environment variable, which is set at the client, and your UID and 
GID are sent to the server to determine if a client can mount a particular directory, 
and with what type of access. 


You can determine the mapping between user logon IDs and UNIX UIDs and GIDs by 
checking the /etc/passwd file on the server machine. 


The following steps describe how to mount a directory on a RISC System/6000 
machine. 
Note: In the following steps: 


¢ The user logon ID is jr 

e The client machine is an OS/2 machine, with the host name ziggy 

e The server machine is a RISC System/6000, with the hostname RS6000 
e The mount directory is tools 


1. Determine whether PCNFSD is running on the server. If it is, proceed to step 3. 
lf not, proceed to step 2. 


2. Determine your UID and GID on the RS6000. 
Enter the following command: 
RS6000>grep jr /etc/passwd 


jr::300:30::/usrs/jr:/bin/csh 
Where: 
300 is the UID and 30 is the GID. 

3. Set your HOSTNAME at the client, as shown in the following example. 
os/2>SET HOSTNAME=ziggy 

4. Start NFSCTL with the following command if it is not already running. 
os /2>NFSC 


5. Determine if the /tools directory has been exported for you to mount by using 
the show exports (SHOWEXP) command, as shown in the following example. 


os/2>SHOWEXP RS6000 
export list for RS6000: 


/usrs/jr Ziggy 
/usrs/ps ps 

If the RS6000 response lists: 
/tools Ziggy 

or: 
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/tools everyone 
you are ready to mount the /tools directory. 


lf the SHOWEXP RS6000 command does not show /tools being exported to your 
machine, you must add it to the /etc/exports file on RS6000. You must also have 
the NFS server read the file again. 


To add the /tools directory to the /etc/exports file on RS6000, do the following 
steps. 


a. Edit the /etc/exports file, and add the line 
/tools 
b. At the RS6000 prompt, enter the following: 
c. Verify that the correct directory has been exported. For example: 


os /2>SHOWEXP RS6000 
export list for RS6000: 


/usrs/jr Ziggy 
/usrs/ps ps 
/tools everyone 


Note: If you added the line to the exports file as /tools -access=ziggy, then 
only the host ziggy can mount the /tools directory. 


6. Mount the remote directory as an unused drive, as shown in the following 
example. 


os/2>MOUNT z: RS6000:/tools 


If PCNFSD is running on the remote server, MOUNT prompts you for your user ID 
and password. If PCNFSD is not running and you have not set the UNIX.UID and 
UNIX.GID environmental variables, then MOUNT prompts you to enter your UID 
and GID, as determined in step 2. 


To mount an NFS minidisk on a VM machine running TCP/IP Version 2.0 as a local 
drive, you must enter your user ID, password, and other options with the MOUNT 
command. 


The following steps describe how to mount a directory on a VM machine. 


Note: In the following steps: 


¢ The user logon ID is jr 

e The user password is pass 

e The server machine is a VM machine with the host name VM1 
e The mount minidisk is jr.191 


1. Start NFSCTL with the following command if its not already running. 
os /2>NFSC 

2. Give the NFS service MULTIPLE access to your minidisk. 
Note: This step can vary, depending on your installation. 

3. Mount the remote minidisk as an available drive. 


os/2>MOUNT -v z: vml:jr.191,rw,user=jr,record=n1 ,names=fold 
mount: vml:jr.191,rw,user=jr,record=nl,names=fold 
Enter password: pass 
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Note: Your password does not appear on the screen when you type it. 


MVS NFS Servers 


When using an MVS NFS server, the client needs to authorize access to the mounted 
directory by using the MVSLOGIN program provided with TCP/IP for OS/2. See IBM 
TCP/IP Version 1.2 for OS/2: User’s Guide for the format of the MVSLOGIN 
command. 


To access files from the MVS NFS machine, invoke the MVSLOGIN program only 
once to a particular MVS NFS server. For example, you can mount a particular MVS 
NFS server multiple times, but use the MVSLOGIN program with that server only 
once. 


To do this, mount the remote data set, and use the MVSLOGIN program to get 
access to the mounted files. 


Note: An MVS system can periodically log off a user. If you are logged off by the 
MVS system, reissue the MVSLOGIN command to regain access. You do not have 
to reissue the MOUNT command. 


When you finish accessing the MVS NFS server, issue the MVSLOGUT command to 
log off your user ID. 


The following steps describe how to mount a directory on an MVS machine. 


Note: In the following steps: 


¢ The user logon ID is jr 
e The server machine is an MVS machine with the host name MVS1 
¢ The mount data set is jrose 


1. Start NFSCTL with the following command if its not already running. 
os /2>NFSC 


2. Add an entry to the MVSNFS.CNTL (EXPORTS) data set to export the jrose data 
set. 


3. Restart the MVSNEFS server. 
4. Authorize the MVSNFS server to have access to the exported directory. 
Note: This step varies, depending on your particular installation. 


5. Verify that the correct directory has been exported. Enter the following 
command: 


os /2>SHOWEXP MVS1 
export list for MVS1: 


SHIFERT rose shifert 
JROSE everyone 
DMBARDON everyone 
BSTOW everyone 


6. Mount the remote directory as an unused drive. Enter the following command: 


os/2>MOUNT -u -g z: mvsl:jrose,text 
mount: mvsl:jrose, text 


Note: In the example, you are mounting the data set with the text attribute. 
see MVS/DFP Version 3 Release 3: Using the Network File System Server for 
information on this and other attributes. 


98 IBM TCP/IP Version 1.2 for OS/2: Installation and Maintenance 


- 


7. Authorize your access to the mounted drive. If access is not authorized, you will 
get an authentication failure when you try to access a file. Enter the following: 


os/2>MVSLOGIN -p mvsl1 jrose 
Enter MVS password: 
When you have successfully logged on using MVSLOGIN, you can access files. 


Note: Some systems automatically log off users after a system-defined time period. 
If authentication errors occur, you may have to reissue the MVSLOGIN command. 


When you finish accessing files, or have unmounted an MVS mounted NFS drive, log 
off using the MVSLOGUT command, as shown in the following example. 


os /2>MVSLOGUT mvsl 
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Chapter 9. Installing the Network File System Server 


The OS/2 Network File System (NFS) server allows you to transparently share files 
between your OS/2 machine and any other machine equipped with an NFS client. 
The server allows files on your machine to be available to people on other 
machines. To use files from their machines on your machine, you must use the NFS 
client. For more information about the NFS client, see Chapter 8, “Installing the 
Network File System Client.” 


Setting Up the Network File System Server 


The NFS server requires a special file, called the EXPORTS file, to exist in your ETC 
directory. This file contains a list of directories on your machine and the remote 
machines that can access these directories. ICAT does not create this file for you. 
See “The EXPORTS File” on page 104 for a description of the format of this file. 


When you run the NFS server, the PORTMAP program must also be running. 


The TZ Environment Variable 

You must set the TZ environment variable, which is used to determine the correct 
date and time for clients located in different time zones. The TZ environment vari- 
able contains a string that has the abbreviation for your time zone, and the number 
of hours your time zone differs from Greenwich Mean Time (GMT). 


The following example shows the format for the TZ environment variable. 





The parameters of the TZ environment variable are: 


Parameter Description 
XXX The three-character label for your time zone. 
n The number of hours your time zone differs from GMT. If you 


are east of GMT, put a minus sign (-) before the number. If 
you are west of GMT, you can optionally put a plus sign (+) 
before the number. The n value ranges from -12 to +12. 


yyy The three-character label for your time zone when in daylight 
savings time. If you do not observe daylight savings time, 
leave this parameter blank. 


Note: The default for the TZ environment variable is Eastern Standard Time (EST). 


The following are examples of the TZ environment variable for different time zones. 
Example Description 


EST5EDT For the eastern coast of the United States. The time zone 
label is EST when daylight savings time is not in effect. When 
daylight savings time is in effect, the time zone is EDT. 
During standard time there is a five hour difference between 
local time and GMT. 
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CST6CDT For the central time zone of the United States. The time zone 
label is CST when daylight savings time is not in effect. 
When daylight savings time is in effect, the time zone is CDT. 
During standard time there is a six hour difference between 
local time and GMT. 


MST7 For the mountain time zone of the United States. The time 
zone label is MST. Daylight savings time is not observed. 
During standard time there is a seven hour difference 
between local time and GMT. 


PST8PDT For the western coast of the United States. The time zone 
label is PST when daylight savings time is not in effect. When 
daylight savings time is in effect, the time zone is PDT. 
During standard time there is an eight hour difference 
between local time and GMT. 


The TZ environment variable should be included in your CONFIG.SYS file. You can 
let ICAT make this modification for you during configuration. If you change the TZ 
environment variable, reboot your PC so that the change takes effect. 


Starting the NFS Server 


Verify that PORTMAP is running before starting the NFS server. If PORTMAP is not 
running, type PORTMAP at an OS/2 command prompt to start it. Then type NFSD in 
a different OS/2 window to start the NFS server. 


The following example shows the format of the NFSD command. 





There are no parameters for the NFSD command. 


Stopping the NFS Server 


You can stop the NFS server at any time by pressing the 
simultaneously. 





The EXPORTS File 


The EXPORTS file is located in your ETC directory and contains an entry for each 
directory that can be exported to NFS clients. The EXPORTS file is read only during 
NFSD startup. 


The following example shows the format of the EXPORTS file. 





These elements are defined as follows: 


Element Description 

directory Specifies the path name of the directory. 

option Specifies a client that can mount this directory or 
an option. 
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The only option for the elements in the EXPORTS file is: 


Option Description 


-fo 


Exports the directory with read-only permission. If 
not specified, the directory is exported with read- 
write permission. 


A pound sign (#) anywhere in the file indicates a comment that extends to the end of 
the line. 


The following shows examples of entries in the EXPORTS file: 


Export read/write to the world: 
C:\usr\iocal 

Export read/write to only the specified machines: 
C:\usr2 hermes,zip,tutorial 

Export read-only to everyone: 
D:\usr\bin -ro 

Export read-only to roger and vinnie: 
F:\usr\net -ro roger vinnie 

Export read-only to jack and trish: 
R:\usrq jack -ro trish 

Export read/write to Jack and Jill: 
C:\hill jack jill 


Notes on the NFS Server: 


1. 


3. 
4. 


The NFS server does not keep all of the attributes for each file, as defined in the 
RFC for NFS. Instead, the attributes that map directly to an attribute in OS/2 are 
stored, and the others are either faked or permanently set to some value. 


In particular, the NFS server keeps the user-write bit in the read/write bit used by 
OS/2. The user, group, and other read bits are permanently set to 1. The group 
and other write bits are set to the same value as the user-write bit. The user, 
group, and other execute bits are set depending on the file’s extension. If the file 
ends with .exe, .EXE, .com, .COM, .cmd, .CMD, .out, .OUT, .nfs, or has no exten- 
sion, the three execute bits are set. 


. The UID and GID associated with a file are faked by the NFS server. When the 


NFS server is started, it checks the environment variables UNIX.UID and 
UNIX.GID. These values are the UID and GID associated with every file on the 
server. 


The NFS server does not support hard links or soft links. 


Because of a limitation in OS/2, the date associated with a file cannot be before 
January 1, 1980. 


. lf you use the NFS server on a FAT drive, file names are restricted to 8.3 format, 


and must be in uppercase. 
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6. If you use the NFS server on an HPFS drive, file names can be up to 254 charac- 
ters in length. Files are stored with the same name you specified during cre- 
ation (including upper and lower case). Se 
Note: HPFS considers file names that differ only in case to be the same name 
(for example, MyFile, MYFILE, and myfile all refer to the same file). 


7. For best performance, NFS clients should use no more than a 4KB buffer size 
when performing writes with BIOD’s enabled. The OS/2 NFS Client defaults to 


this configuration. 
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Chapter 10. Setting Up an X.25 Interface 


An X.25 interface with TCP/IP for OS/2 allows you to connect to another TCP/IP 
network over an X.25 network. You can use most of the same TCP/IP applications 
over an X.25 network as if your host is connected to a LAN. 


OS/2 allows multiple X.25 adapters. TCP/IP for OS/2 allows you to assign only one 
IP address to the X.25 interface. This assignment is done with the IFCONFIG state- 
ment. This chapter contains the information necessary to install, configure, and use 
an X.25 interface with TCP/IP for OS/2. 


Overview of Installation 


This section describes the system and preinstallation requirements for installing an 
X.25 interface. 


System Requirements 
You must have OS/2 EE, Version 1.3 with Communications Manager and an IBM 
X.25 Interface Coprocessor/2 adapter installed. This adapter requires a minimum of 
a PS/2 Model 50 (micro channel), or higher. For additional information about the 
required hardware and software environments, see Chapter 2, “Introducing TCP/IP 
for Your OS/2 Environment.” 


The following steps describe how to install an X.25 interface for TCP/IP. In the fol- 
lowing steps, IPX25.CFG is used as an example. 


1. Install the TCP/IP for OS/2 X.25 product using ICAT. This assumes that the 
TCP/IP for OS/2 Base product is already installed. 


To install the TCP/IP for OS/2 X.25 product: 


e Enter ICAT 

¢ Select INSTALL 

e Select the X25 Interface Software 
e Insert pd cores diskette 





2. Create the Communications Manager X.25 configuration file (for example, 
IPX25.CFG). For information about how to create the Communications Manager 
X.25 configuration file, see “Creating a Communications Manager X.25 Config- 
uration File” on page 110. 


3. OS/2 installs the X.25 Communications Manager support and puts the device 
statement (DEVICE = C:\CMLIB\ICARICIO.SYS) in the CONFIG.SYS file, if you 


type: 
reinst 


a. OS/2 EE prompts i we a specified diskette into drive A. Insert the 
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f. Press to install the X.25 Support and Exit. OS/2 EE prompts you for 
several diskettes. Insert the specified diskettes and press | : 
requested. Ne 





For more information about reinst, see the /BM Operating System/2: System 
Administrator’s Guide for Communications. 


4. Copy the ICAAIM.COM file from the X.25 option diskette, provided with your X.25 
coprocessor adapter, to the CMLIB directory by inserting the diskette in drive A 
and typing: 


COPY A: ICAAIM.COM C:\CMLIB 


Creating a Communications Manager X.25 Configuration File 
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The following steps describe an example of how to create the Communications 
Manager X.25 configuration file used for configuring an X.25 interface. For more 
information about creating the Communications Manager configuration file, see the 
IBM Operating System/2: System Administrator’s Guide for Communications. The 
following steps describe how to create the example configuration file IPX25.CFG. 
The configuration file XIPSAMP.CFG was created following these steps and has 
been included in the ETC directory. 


Note: You must have certain information available to create your configuration file. 
Review the following steps to determine the information that you need. The fol- 
lowing is only an example. You may want to contact your system administrator for 
information specific to your network. 


1. Select the OS/2 Full Screen command prompt from the “Group-Main” window. 


2. Copy the base configuration file C:\CMLIB\ACSFG.CFG (non-US version), or f 
C:\CMLIB\ACSFGUS.CFG (US version) to C:\CMLIB\IPX25.CFG. &. 


3. Start Communications Manager by selecting Communications Manager from the 
“Group-Main” window. The “Communications Manager Main Menu” is dis- 
played. 


. select Advanced from the action bar. 
. Select Configuration. 


. Specify the configuration file name IPX25 





. Press . The “Configuration Menu” is displayed. 


oN OO fk 


. Select X.25 feature profiles. The “X.25 Feature Configuration” window is dis- 
played. 


9. Select Adapter profiles. The “X.25 Adapter Profile Configuration” window is dis- 
played. 


10. Select Operations from the action bar. 
11. Select Create. The “Create/Change X.25 Adapter Profile” window is displayed. 
12. Specify the adapter name ADAPTERI 





13. Press 
14. Optionally specify a comment, such as: Adapter 1 in slot 3. 


15. Specify the slot number of the IBM X.25 Interface Co-processor/2 adapter. 





16. Press . The “X.25 Adapter Profile Configuration” window is displayed ( 


with the message: The profile has been saved. ee 





17. Press the Escape | key. The “X.25 Feature Configuration” window is dis- 


played. 
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18. 
19. 
20. 
21. 
22. 
23. 


24. 
25. 
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28. 


29. 
30. 


31. 


32. 


33. 


34. 


35. 


36. 
37. 
38. 
39. 
40. 


41. 


Select Link profiles. 
Select Operations from the action bar. 
Select Create. 


Specify the link profile name LINK1 





Press The “Create/Change X.25 Link Profile” window is displayed. 


Select Base link parameters. The “Create/Change X.25 Base Link Parameters” 
window is displayed. 


Optionally specify comment, such as: LINK1 on Adapter 1. 


Specify the Adapter profile name ADAPTER] 


. Specify the network type appropriate to your network. If you are using two work- 


stations connected using a modem eliminator or two modems and a telephone 
line, specify network type 1, otherwise press | Fl _ for help and a list of networks. 
Choose the network type for your network and note the local CCITT compliance 
and the link setup mode. You may want to contact your system administrator if 
you are unsure of your network address. For more information, see the /BM 
Operating System/2: System Administrator’s Guide for Communications. 


Specify the local DTE address. Contact your system administrator if you are 
uncertain of the local DTE address. 


Select an option for the local CCITT compliance. If the adapters are connected 
using a modem eliminator or two modems and a telephone line, select the 
default the local CCTITT compliance of 1980, otherwise select the local CCITT 
compliance noted in step 26. 


Select Connect for the initial mode of link. 


Select an option for the link setup mode. If the adapters are connected using a 
modem eliminator or two modems and a telephone line, select the default link 
setup mode of initiate from DTE, otherwise select the link setup mode noted in 
step 26. 





Press ». The “Create/Change X.25 Link Profile” window is displayed with 
the message: The profile has been saved. 


Select Virtual circuit ranges. The “Create/Change X.25 Virtual Circuit Ranges” 
window is displayed. 


Specify logical channel numbers and ranges that match the network subscription 
for the link. Contact your system administrator if you are uncertain of the logical 
channel numbers and ranges. 





Press _. The “Create/Change X.25 Link Profile” window ts displayed with 
the message: The profile has been saved. 


Select Virtual circuit parameters. The “Create/Change X.25 Virtual Circuit 
Parameters” window is displayed. 


Specify the SVC default incoming packet size 1024 
Specify the SVC maximum incoming packet size 1024 
Specify the SVC default outgoing packet size 1024 
Specify the SVC maximum outgoing packet size 1024 





Press The “Create/Change X.25 Link Profile” window is displayed with 
the message: The profile has been saved. 


Press . The “X.25 Link Profile Configuration” window is displayed. 
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42. Press 





The “X.25 Feature Configuration” window is displayed. 
43. Select Directory. The “Directory Configuration” window is displayed. 
44. Select Entry Name M2. 

45. Select Operations from the action bar. 

46. Select Create. 

47. Specify the directory entry name LOCALI 

48. Press 





49. Specify the link profile name LINK1 


50. Specify the local DTE address. Contact your system administrator if you are 
uncertain of the local DTE address. 





51. Press | _. The “X.25 Directory Configuration” window is displayed with the 
message: The profile has been saved. 


52. Press | 





. The “X.25 Feature Configuration” window is displayed. 
53. Select Directory. The “Directory Configuration” window is displayed. 
54. Select Entry Name M6. 

55. Select Operations from the action bar. 

56. Select Create. 

57. Specify the cna! entry name REMOTE] 

58. Press (37 





59. Specify the link profile name LINK1 


60. Specify the remote DTE address. Contact your system administrator if you are 
uncertain of the remote DTE address. 





63. Select Routing Table. 
64. Select M7. 


65. Select Operations from the action bar. 
66. Select Create. The “X.25 Routing Table Configuration” window is displayed. 
67. Specify the routing table entry name ROUTE] 


68. Press _ 
played. 





. The “Create/Change X.25 Routing Table Entry” window is dis- 


69. Optionally specify a comment, such as: TCP/IP X.25 Route. 
70. Specify the link profile name LINK1 

71. Specify the Call User Data field as: CC (required for TCP/IP). 
72. Press | 





73. Select Top of table. The “X.25 Routing Table Configuration” window is displayed 
with the message: The profile has been saved. 


74. Press | 
75. Press 


. The “X.25 Feature Configuration” window is displayed. 





The “Communication Configuration Menu” is displayed. 
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76. 
77. 
78. 
79. 
80. 


81. 
82. 
83. 


Select Verify from the action bar. 


Select Run Verify. 





When verification is complete, press | 
Select Exit from the action bar. 


Select Exit communication configuration. The “Communications Manager Main 
Menu” is displayed. 


Select Exit from the action bar. 
Select Exit immediately. 


Select Yes to confirm exit from the Communications Manager. 


Configuring the X.25 Interface 


The following steps describe how to configure an X.25 interface for TCP/IP: 


1. 


Create the X25IP file in the ETC directory. This file contains the local directory 
that identifies a local DTE address with a link. The following is an example of 
the contents of the X25IP file. It is based on the Communications Manager file 
IPX25.CFG that you created in “Creating a Communications Manager X.25 Con- 
figuration File” on page 110. 


LOCAL1 
See Appendix A, “Optional Files” for file format. This example X25IP file has 


been installed by ICAT in the ETC directory. If you want to use this file, you must 
copy it to your CMLIB directory. 


. Create the X25RTE file in the ETC directory. This file contains the X.25 routing 


table and decides which incoming X.25 calls are to be routed to the TCP/IP appli- 
cation. The following is an example of the contents of the X25RTE file. It is 
based on the Communications Manager example configuration file IPX25.CFG 
that you created in “Creating a Communications Manager X.25 Configuration 
File” on page 110. 


ROUTE] 


All incoming X.25 call requests that match the fields in the IPX25.CFG file with 
the routing table entry name ROUTE] are associated with the TCP/IP application. 
See Appendix A, “Optional Files” on page 167 for the specific file format. This 
example X25RTE file has been installed by ICAT in the ETC directory. If you 
want to use this file, you must copy it to your CMLIB directory. 


. Create the X25DIR file in the ETC directory. This file contains the TCP/IP X.25 


directory name that associates a remote host’s DTE address and IP address. 
The following is an example of the contents of the X25DIR file. It is based on the 
Communications Manager example configuration file IPX25.CFG that you created 
in “Creating a Communications Manager X.25 Configuration File” on page 110. 


ipaddress REMOTE1 


All outgoing IP packets with the destination of the specified remote IP address 
are sent over the X.25 interface to the remote DTE address defined in the 
IPX25.CFG file with the directory name REMOTE1. If an X.25 call is not established, 
an X.25 call request is made. See Appendix A, “Optional Files” for the specific 
file format. An example X25DIiR file with an ipaddress of default has been 
installed by ICAT in the ETC directory. If you want to use this file, you must copy 
it to your CMLIB directory. 
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4. When using TCP/IP for OS/2 over an X.25 network, switched virtual circuit (SVC) 


may be established to transfer TCP/IP data. An SVC connection is establish for 
each unique destination IP address. An SVC connection closes after a specified 
period of inactivity. You can specify the time-out period in seconds with the envi- 
ronment variable IPX25.SVC. The default value is 1800 seconds (30 minutes). 
The following example changes the time-out period to 5 minutes if you start the 
X251I0 program from the same OS/2 session: 


SET IPX25.SVC=300 


The legal range of values are from 0 (SVC connection will remain indefinitely) to 
3600 (60 minutes). 


Starting an X.25 Interface 
The following steps describe how to start an X.25 interface with TCP/IP for OS/2. 


X.25 Limitations 


1. 


as 


Start the Communications Manager by selecting Communications Manager from 
the Group-Main window. The Communications Manager X.25 configuration file 
contains the X.25 configuration information. 


The X.25 link is established. If the X.25 link cannot be established or does not 
stay established then you must stop and restart Communications Manager. 
Contact your system administrator if you cannot establish the X.25 link. 


. Start the X251O program. You can do this by entering X25I0 at the OS/2 prompt. 


There is also an XIOWAIT program in the BIN directory so that you can use the 
start X251O from a CMD file. ICAT does this in X25.CMD. 


Note: After the X25IO program is running, it cannot be stopped and restarted. 
You must reboot your machine to do this. 


. Start the X.25 interface by using IFCONFIG, ICAT will put this in the X25.CMD file 


or you can enter: 

ifconfig x25 ipaddress mtu 5/76 

Where: 

ipaddress is the IP address of the X.25 interface on your local host. 


The mtu size 576 is the default mtu size on X.25 networks that support TCP/IP. 
The IFCONFIG command with x25 specified as the interface will have no effect 
unless X25l0 is running. 


. X.25 Permanent Virtual Circuits (PVCs) are not separated. 


. A maximum of 16 active SVCs are supported. An SVC will become inactive after 


a specified period of inactivity. This is discussed in step 4 under “Configuring 
the X.25 Interface.” 


. The MTU size is not negotiated with the remote host. 


. The Department of Defence Network (DDN) algorithm is not used to convert IP 


addresses to DTE addresses. The conversion of IP addresses to DTE addresses 
is defined in the X25DIR file. 


114  iBMTCP/IP Version 1.2 for OS/2: Installation and Maintenance 





Chapter 11. Setting Up a SLIP Line 


SLIP Prerequisites: 2 «s44 4444454 Se ee eRans DMEM S Uwe Eo eo cams ewe TTF 
Setting Up the Environment ...............0.0......0...0......... 117 
Starting aSLiP interface ............2...20...00...0.000........... 118 
Using the SLIPCALL Command ................................. 118 
Originating a SLIP Connection ............0.000.0..0...0......... 419 
Accepting aSLIP Connection ..................0..0............. 120 
Ending aSLIP Connection ...............2..0..0 0.0.00 0.00.2.... 120 





© Copyright IBM Corp. 1990, 1991 115 














d Maintenance 


ion an 


Installati 


IBM TCP/IP Version 1.2 for OS/2 


116 


poe 2 
ae Roy 

ee 
eee oe 
ee 








Chapter 11. Setting Up a SLIP Line 


The Serial Line Internet Protocol (SLIP) allows you to connect to another TCP/IP 
network over a serial line. A serial line is used to set up a point-to-point link 
between a local host to a foreign host. You can use most of the the same TCP/IP 
applications over a serial line as if your host is connected to a LAN. 


Note: You should be aware that SLIP performance depends on the speed of the 
modems. The performance of some applications with SLIP can be affected. 


SLIP allows an OS/2 host to be connected to a remote host over a telephone line 
using a modem or over a Serial line using a null-modem cable. The SLIP connection 
allows you to have access to the network on which the remote host resides. 


SLIP allows you to use any valid OS/2 serial communication port (COM port) for a 
SLIP connection. However, with TCP/IP for OS/2, you can only use one COM port at 
atime. Therefore, if you have an active SLIP connection, you cannot originate or 
accept another SLIP connection. 


SLIP Prerequisites 


The following elements are required to use TCP/IP for OS/2 SLIP over a telephone 
line. 


¢ An analog telephone line. 


¢ Two Hayes AT-compatible modems are required and both must support the 
same speed, from one of the following speeds: 


— 1200 bps 
— 2400 bps 
— 4800 bps 
— 9600 bps. 
— 19 200 bps 


Note: All line speeds are given in bits per second. 


Setting Up the Environment 


You must have the DEVICE statement for the communication port in the 
CONFIG.SYS file, and the SLIP.COM environment variable must be defined. 


If you allow ICAT to modify your CONFIG.SYS file, ICAT adds the environment vari- 
able for you. When you installed OS/2, the DEVICE statement for the synchronous 
communications port was added to your CONFIG.SYS file in the default case. 


The DEVICE statement and the environment variable are shown in the following 
example. 


DEVICE=C:\0S2\COMO2. SYS 
SET SLIP.COM=COM1 


For a SLIP.COM environment variable, any valid OS/2 communication port can be 
used. 


© Copyright IBM Corp. 1990, 1991 117 


Note: COMO02.SYS is the device driver on a microchannel PS/2 running OS/2 1.3. 
COM01.SYS is the device driver on a non-microchannel PS/2 running OS/2 1.3. 
COM.SYS is the device driver on a PS/2 running OS/2 2.0. 


Starting a SLIP Interface 


The following steps describe how to start a SLIP interface. 


1. Start the SLIO program. You can do this by entering SLIO.EXE at an OS/2 
command prompt. The SLIOWAIT program in the BIN directory allows you to use 
the start slio program from a CMD file. If you use ICAT to configure SLIP this is 
your TCPSTART.CMD file by default, which is called from STARTUP.CMD. 


Note: After the SLIO program is running, it can not be stopped and restarted. 
You must reboot your machine to restart the program. 


2. Start the SLIP interface by entering ifconfig s] ipaddress ipaddress 
Where: 


The first joaddress is the IP address of the SLIP interface on your local host and 
the second /paddress is the IP address of the SLIP interface on the remote host. 
The IFCONFIG statement defines a point-to-point link. If you use ICAT to con- 
figure SLIP this IFCONFIG statement is in your SETUP.CMD file. The IFCONFIG 
command with sl specified as the interface will have no effect unless SLIO is 
running. 


Using the SLIPCALL Command 
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The SLIPCALL command communicates with a Hayes AT-compatible modem. 


Note: If you are using a serial line (with a null-modem cable) you must use the 
OS/2 MODE command and set the characteristics to 8,n,1. For example: 


mode com1:9600,8,n,1 


If you need ICAT to configure SLIP, then the SLIPCALL command is invoked from the 
SLIP.CMD file. You can also invoke the SLIPCALL command from an OS/2 
command prompt; however, it may require that you set the SLIP environment vari- 
ables. The SLIP.CMD file and the SLIP environment variables are described in 
“Originating a SLIP Connection” on page 119. 


The following example shows the format of the SLIPCALL command. 





The parameters of the SLIPCALL command are: 
Parameter Description 
-? Displays help information. 


-r Resets the modem to its default settings, and sets Disable Echo (E0) 
and Terse Result Codes (V0), which are SLIPCALL requirements. The 
communication port speed is set to the value defined in SLIP.BPS, and 
the data bits, parity, and stop bits are set to 8, N, and 1, respectively. 
The -r parameter terminates an existing SLIP connection. This option 
also turns auto-answer off. 
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-a 


-S 


Places the modem in auto-answer mode. 


Dials the modem by invoking the Hayes AT command that is defined 
by the SLIP.DIAL environment variable. The modem uses the value 

defined in SLIP.DELAY for the length of pause caused by a comma in 
SLIP.DIAL. 


Shows, or displays: 


¢ SLIP environment variable definitions for the current OS/2 session 
¢ SLIP line characteristics 

¢ Current modem signals 

e Auto-answer status. 


Originating a SLIP Connection 


This section describes how to originate a SLIP connection. These steps assume that 
a remote host supporting SLIP is configured and ready to accept a SLIP connection. 
This also assumes that SLIO is running. 


il 


a 


Enter the IFCONFIG statement and ROUTE statements necessary for a 
point-to-point link. You can enter this information by using ICAT or by editing the 
BIN\SETUP.CMD file. You must execute the BIN\SETUP.CMD file for the editing 
changes to take place. See Chapter 5, “Manually Modifying Your TCP/IP 
Configuration” for more information. 


. Enter the SLIP environment variable definitions by using ICAT or editing the 


BIN\SLIP.CMD file. The SLIP.CMD file contains definitions for the following envi- 
ronment variables: 


Environment Variable Description 

SLIP.BPS Specifies the baud rate for the modems being used. 

SLIP.DELAY Specifies the modem pause time defined for commas 
that appear in the dial string. The default pause time 
is 2 seconds. 

SLIP.DIAL Sends Hayes AT commands to the modem. Com- 


mands should include the telephone number. 


Warning: You can use the SLIP.DIAL environment 
variable to send any Hayes AT command to the 
modem. Do not use SLIP.DIAL to send the Hayes AT 
commands Enable Echo (E1) or Verbose Result 
Codes (V1), because SLIPCALL.EXE does work. 


Note: Running SLIP.CMD in an OS/2 session defines the SLIP environment vari- 
ables for that specific OS/2 session. The SLIP environment variables are not 
stored for use in other OS/2 sessions. 


For an example of a SLIP.CMD file, see Appendix B, “Sample SLIP.CMD File.” 


Invoke the SLIP.CMD file to originate a SLIP connection. The SLIP.CMD file also 
calls SLIPCALL -rd. Enter the following command: 


SLIP 


The OS/2 host attempts to make a SLIP connection. The OS/2 host is restricted 
to one SLIP connection at a time. 


Chapter 11. Setting UpaSLIPLine 119 


Accepting a SLIP Connection / 
The following steps describe how to accept a SLIP connection. 


1. Enter the IFCONFIG statement and ROUTE statements neccessary for a 
point-to-point link. You can enter this information by using ICAT, or by editing 
the BIN\SETUP.CMD file. See Chapter 5, “Manually Modifying Your TCP/IP 
Configuration” for more information. 


2. Invoke the SLIPCALL command to accept a SLIP connection. Enter the following 
command: 


SLIPCALL -ra 


Your OS/2 host is ready to accept a SLIP connection. The OS/2 host is restricted 
to one SLIP connection at a time. 


Ending a SLIP Connection 
You can end a SLIP connection by entering the following command. 
SLIPCALL -r 


This procedure resets the modem, and allows you to originate another SLIP con- 
nection. 
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Chapter 12. Setting Up Your Kerberos System 


This chapter describes how to manually configure, customize, and verify the 
Kerberos Authentication System for TCP/IP for OS/2. 


The Kerberos system in TCP/IP for OS/2 consists of the following functions: 


¢ Kerberos database 

e Authentication server 

e Administration server 

¢ Services application 

e Client application 

¢ Remote System Administrator. 


Additional background information can be found in “Bibliography” and in /BM 
TCP/IP Version 1.2 for OS/2: Programmer’s Reference. Additional commands and 
descriptions of the Kerberos functions can be found in /BM TCP/IP Version 1.2 for 
OS/2: User’s Guide. 


Setting Up the Environment 


The Installation and Configuration Automation Tool (ICAT) program does not con- 
figure the Kerberos Authentication System. You must manually configure and cus- 
tomize the Kerberos system. 


Before you set up the Kerberos system, the Kerberos services must be defined in 
the SERVICES file in the ETC directory. The Kerberos services are assigned to port 
750 for TCP and UDP. You must create the following directories: 


¢ KERBEROS 
e TMP 


Note: If you have used ICAT, the TMP directory may have already been created. 


The KERBEROS directory must reside on the host that contains the Kerberos data- 
base. 


The TMP directory must reside on the hosts that run client applications. The client's 
ticket files are stored in the TMP directory. 


Environment Variables 


lf you do not create the KERBEROS and TMP directories in the root directory, you 
must set the following environment variables. 


Environment Variable Description 


KERBEROS Specifies the drive and directory of the KERBEROS 
directory. KERBEROS is an optional environment vari- 
able, except on the host that is running the Kerberos 
database. 


TMP Specifies the drive and directory of the TMP directory. 
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The Kerberos environment variables, KERBEROS and TMP, operate in the same 
way as the ETC environment variable when you created the ETC directory. For 
more information about environment variables, see Chapter 3, “Installing TCP/IP 
for OS/2.” 


For example, if you create your KERBEROS directory on the C drive from the TCPIP 
directory, you must add the following statement to your CONFIG.SYS file. 


SET KERBEROS=C:\TCPIP\KERBEROS 


If you create your TMP directory on the C drive from the TCPIP directory, you must 
add the following statement to your CONFIG.SYS file. 


SET TMP=C:\TCPIP\ TMP 


The default for the KERBEROS directory is C:\KERBEROS. The default for the TMP 
directory is C:\TMP. 


The following environment variables are also used in the Kerberos environment. 
Environment Variable Description 


HOSTNAME _ Specifies the name of the machine on which your host is running. 
The HOSTNAME must be able to be resolved; therefore, the same 
value (for the environment variable) must be defined on an acces- 
sible name server or in the HOSTS file. HOSTNAME is required. 


TZ The NFS control program (NFSCTL) uses the TZ environment vari- 
able to determine the correct date and time associated with a file. 


The TZ Environment Variable 

You must set the TZ environment variable, which is used to determine the correct 
date and time for clients located in different time zones. The TZ environment vari- 
able contains a string that has the abbreviation for your time zone, and the number 
of hours your time zone differs from Greenwich Mean Time (GMT). 


The following example shows the format for the TZ environment variable. 





The parameters of the TZ environment variable are: 


Parameter Description 
XXX The three-character label for your time zone. 
n The number of hours your time zone differs from GMT. If you 


are east of GMT, put a minus sign (-) before the number. If 
you are west of GMT, you can optionally put a plus sign (+) 
before the number. The rn value ranges from -12 to + 12. 


yyy The three-character label for your time zone when in daylight 
savings time. If you do not observe daylight savings time, 
leave this parameter blank. 


Note: The default for the TZ environment variable is Eastern Standard Time (EST). 
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The following are examples of the TZ environment variable for different time zones. 
Example Description 


EST5EDT For the eastern coast of the United States. The time zone 
label is EST when daylight savings time is not in effect. When 
daylight savings time is in effect, the time zone is EDT. 
During standard time there is a five hour difference between 
local time and GMT. 


CST6CDT For the central time zone of the United States. The time zone 
label is CST when daylight savings time is not in effect. 
When daylight savings time is in effect, the time zone is CDT. 
During standard time there is a six hour difference between 
local time and GMT. 


MST7 For the mountain time zone of the United States. The time 
zone label is MST. Daylight savings time is not observed. 
During standard time there is a seven hour difference 
between local time and GMT. 


PST8PDT For the western coast of the United States. The time zone 
label is PST when daylight savings time is not in effect. When 
daylight savings time is in effect, the time zone is PDT. 
During standard time there is an eight hour difference 
between local time and GMT. 


The TZ environment variable should be included in your CONFIG.SYS file. You can 
let ICAT make this modification for you during configuration. If you change the TZ 
environment variable, reboot your computer so that the change takes effect. 


KERBEROS Directory Files 


To specify the Kerberos name of the remote system administrator, you must create 
the files in Table 1 on the host running the Kerberos database. The Kerberos 
remote system administrator can add, retrieve, and modify entries in the Kerberos 
database. 


Table 1. KERBEROS Directory Files 


Name of File Contents of File Sample of File 

ADM_ACL.ADD administrator’s_principal_name.instance@realm krbadm.admin@univ.educ.chem 
ADM_ACL.GET administrator’s_principal_name.instance@realm krbget.admin@univ.educ.bio 
ADM_ACL.MOD administrator’s_principal_name.instance@realm krbmod.admin@univ.educ.math 


Note: When you create the contents of these files, you must define instance as 
admin. Realm is usually the domain name. 


These KERBEROS directory files can contain multiple entries in the same format. 


TMP Directory Files 


You do not need to create any files in the TMP directory. Ticket files are written to 
the TMP directory when you use Kerberos. 


All hosts running client applications must create the TMP directory and set the TMP 
environment variable to the path where the TMP directory resides. 
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ETC Directory Files 


Table 2 contains the ETC directory files used with Kerberos. You must create the 
KRB.CMF file. The KRB.RLM file is optional. The ETC directory files used with 
Kerberos must reside in your ETC directory or in the directory specified by the ETC 
environment variable. 


Table 2. ETC Directory Files 


Name of File 


KRB.CNF 


KRB.RLM 


Contents of File Sample of File 


realm host_name [admin server | univ.educ.chem 


univ.educ.chem chrispc admin server 
univ.other.dept joanpc 


domain_name realm .educ.chem univ.educ.chem 


.educ.bio univ.educ.bio 
or chrispc univ.educ.chem 
joanpc univ.educ.bio 


host_name realm 


The KRB.CNF file identifies the hosts that are running the Kerberos authentication 
server. The first line defines the local rea/m to which that host belongs. Each of the 
following lines specify the rea/m and host_name where the Kerberos server is 
running. admin server indicates that the host provides an administration database 
server. The host_name that you specify must also be defined in the name server or 
in the HOSTS file in your ETC directory. 


The KRB.RLM file indicates the rea/ms to which the hosts belong. To specify the 
realm for host names specified in fully qualified domain style, for example, 
chrispc.univ.educ.chem, you should use the format with domain specified in the first 
column of the KRB.RLM file, as shown in Table 2. To specify the rea/m for hosts 
with no recognizable domain, for example, chrispc, you should use the format with 
host_name in the first column of the KRB.RLM file. 


If the KRB.RLM file does not exist and the host name is specified in fully qualified 
domain style, the rea/m is the host name's domain. For example, univ.educ. chem. 


If the KRB.RLM file does not exist and the host name is of no recognizable domain, 
the Kerberos rea/m for that host is the local rea/m that is specified in the first line of 
the KRB.CNF file. 


You are now ready to use the Kerberos commands to build and use your Kerberos 
database. 


Building the Kerberos Database 


The following Kerberos commands allow you to create and use the Kerberos data- 
base. Enter the Kerberos commands at an OS/2 command prompt to create and use 
the Kerberos database. 


Command Function 

KDB_INIT Used to build and format the Kerberos database. 

KDB_UTIL Used to load or dump the Kerberos database. 

KDB _EDIT Used to register users to the Kerberos database. 

KADMIN Used to add, retrieve or modify the Kerberos database. remotely. 
EXT SRTB Used to generate key files for specified instances. 
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fo. 


The following sections contain descriptions and examples of the Kerberos com- 
mands that are used to build the Kerberos database. 


Creating the Kerberos Database—KDB_INIT 


The following example shows the format of the KDB_INIT command. 





There are no parameters for the KDB_INIT command. 


The following steps describe how to create the Kerberos database: 


1. Set the environment variable KERBEROS to the path on which your KERBEROS 
directory resides, on the host on which you want the KERBEROS server and 
Kerberos database to reside. For example: 


SET KERBEROS=C:\TCPIP\KERBEROS 


After the Kerberos database is created, the Kerberos database files are stored in 
the KERBEROS directory. 





2. Type KDB_INIT at an OS/2 command prompt, and press the 
and initialize the Kerberos database files. 


key to create 


The system prompts you for the local rea/m. 


3. Type the name of the rea/m on which the Kerberos database resides at the 
realm prompt, and press the = 3: key. YOUR_KRB.RE.ALM is the default. 





The system prompts you for the master password. 





4. Type the master password at the password prompt, and press the 


For verification purposes, the system prompts you again for the master pass- 
word. 





5. Retype the master password at the password prompt, and press the 
for verification. 


key 


You need the master password to manage the Kerberos database. If the 
Kerberos database file already exists, the system indicates that the file already 
exists. After the Kerberos database files are initialized, an OS/2 command 
prompt is displayed. 


When you create a Kerberos database, the following files are automatically created 
in the KERBEROS directory. Verify that these files reside in your KERBEROS direc- 
tory. 


e PRINC.DAT 
e PRINC.IDX 
e PRINC.OK 


Loading and Dumping Your Kerberos Database—KDB_UTIL 


The following example shows the format of the KDB_UTIL command. 
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The parameters of the KDB_UTIL command are: 


“SS 


Parameter Description 
operation Specifies dump or load. 


filename Specifies the name of the text file into which the database is 
dumped or loaded. 


If you specify dump, the contents of the Kerberos database are dumped to the speci- 
fied file name. Edit this dumped file with your System Editor to modify the contents 
of the database. 


If you specify load, the contents of the file name are loaded to the Kerberos data- 
base. 


Read locking of the database is done during the dump operation. No locking is done 
during a load operation. Loads should be performed with other processes shut- 
down. 


The following is an example of using the KDB_UTIL command to examine the con- 
tents of the database. First dump the database to a file, ABC, by typing the 
KDB_UTIL DUMP ABC command; then display the file ABC by typing the command, 
TYPE ABC. 





a 


Each line is a registered entry. 


If the operation is successful, an OS/2 command prompt is displayed. If the opera- 
tion is unsuccessful, an error message is displayed. 


Registering a Kerberos User Locally—KDB_EDIT 


The following example shows the format of the KDB_EDIT command. 





There are no parameters for the KDB_EDIT command. 
KDB _EDIT is used to register users and services to the Kerberos database. 
A user's instance and a service's instance are usually specified by the following 


rules: 


e A user’s instance is optional. Users with privileges, for example, the remote 
system administrator, should register with an instance of admin. Users without 
privileges have an /nstance of null. | 


e A service's instance is usually the host name where the service is running. 


e An instance should not exceed 8 characters in length. \ 
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The system prompts you for the Kerberos master password and for information 
about the user and service that you want to add. The following is an example of 
running KDB _EDIT. 





The following steps describe how to register a Kerberos user or service eee 





1. Type KDB_EDIT at an OS/2 command prompt, and press the 


The system prompts you for the Kerberos master password. 





2. Type the master password at the password prompt, and press the re 


If the master password is valid, KDB_EDIT allows you to register a user or a 
service. 


The system prompts you for the principal name. 


3. Type vie Za) name or service name at the principal name prompt, and press 
the 





Note: The services that you register must also be defined in the SERVICES file 
in your ETC directory. 


The system prompts you for the instance. 





4, If you are registering a user, press the (2) 22) key for a null instance. If you are 
registering a remote administrator, type admin, and press the 2.32. key. If you 
are registering a service, at the instance prompt, type the name ‘of the host 
where the service resides, and press the | 








e If the user or the service already exists in the database, the system asks you 
if you want to change the password. 


¢ If the user or the service does not exist in the database, the system prompts 
you for the expiration date, ticket lifetime for the user or services, and the 
attribute. Defaults are provided for these prompts. If you want to use the 
default values, press the key. Otherwise, specify the desired value 
and press the key. 
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The following message is displayed if the user or service is registered: 





The system prompts you for the next entry. 





5. You can press the 2 _ key at the principal name prompt to exit the registra- 
tion process or repeat steps 3—5 to register the next Kerberos user name or 
Kerberos service name that you want to establish. | 


To list the entries in your Kerberos database, use the KDB_UTIL DUMP command. 
See “Loading and Dumping Your Kerberos Database—KDB_ UTIL” on page 127 for 
more information about listing the entries in your Kerberos database. 


You must inform the user of the Kerberos name and password that you assign to 
them. 


Registering a Kerberos User Remotely — KADMIN 


To modify the Kerberos database remotely, you must use the KADMIN command 
and have the remote administration server, ADM_SERV, running on the machine 
that contains the Kerberos database. See “Kerberos Administration Server” on 
page 135 for information about setting up the Kerberos administration server. 


You can add, retrieve, or modify the database using the KADMIN command only if 
your instance is specified to have admin authority in the ADM_ACL.ADD, 
ADM_ACL.GET, and ADM_ACL.MOD files that reside in the KERBEROS directory, 
and if you are registered in the Kerberos database with instance as admin. The 
KADMIN command can only be used to add, retrieve, or modify a Kerberos user 
with instance as null. The only exception is that you, as a remote administrator 
with instance as admin, can change your own password. 


The following example shows the format of the KADMIN command. 





There are no parameters for the KADMIN command. 


Type KADMIN at an OS/2 command prompt, and press the 
KADMIN utility. 


key to start the 





At the “Your userid” prompt, type the administrator's principal name. 


The following message is displayed. 





At the admin prompt, type ? to list the available subcommands. To obtain 
instructions on how to use these subcommands, type HELP followed by the subcom- 
mand you want to use, and press the key. 





130 IBMTCP/IP Version 1.2 for OS/2: Installation and Maintenance 


—_ 


The subcommands of the KADMIN command are: 


Subcommand Function 

ADD_NEW_KEY Registers a new principal name with the Kerberos 
database. Requires one argument, the principal 
name. 


The shorter term ANK can also be used. 


CHANGE PASSWORD Changes the Kerberos password for the principal 
name. Requires one argument, the principal name. 


The shorter term CPW can also be used. 


CHANGE ADMIN PASSWORD 
Changes your ADMIN /nstance password. Requires no 
arguments. 


The shorter term CAP can also be used. 
LIST REQUESTS Displays a list of possible subcommands. 
The shorter term LR or ? can also be used. 


GET_ ENTRY Gets you an entry into the Kerberos database for 
review. At the password prompt, type your adminis- 
trator password, and press the key. 





The shorter term GET can also be used. 


HELP command name Displays help messages for KADMIN. If you enter this 
subcommand without an argument, a general help 
message is displayed. 


QUIT Terminates the Kerberos program. The term EXIT can 
also be used. 


To manage the Kerberos database remotely, you must first complete the following 
steps on the host on which the Kerberos database resides. 


1. Register the remote administrator with the Kerberos database. 


The administrator can choose the principal name and password. However, the 
instance must be admin. The remote administrator's password is requested 
when you use the KADMIN utilities. 


You should also add the system administrator’s full Kerberos name to the 
ADM_ACL.ADD, ADM_ACL.GET and ADM_ACL.MOD files in the KERBEROS 
directory on the host that contains the Kerberos database. See “KERBEROS 
Directory Files” on page 125 for the line format and sample contents of the 
KERBEROS directory files. | 


key to start the 





2. Type ADM_SERV at the password prompt, and press the 
remote administration server. 


The system prompts you for the Kerberos master password. 





3. Type the master password at the password prompt, and press the key. 


If the remote administration server starts successfully, the following message is 
displayed: 
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Note: The remote administration server is one of the services that the Kerberos 
database provides. The remote administration server has already been regis- 
tered as changepw when you started the Kerberos database. Therefore, you do 
not have to register the remote administration server. 


On the remote host on which you want the remote administration utility, KADMIN, to 
run: 


poo 





. Type KINIT -irv at an OS/2 command prompt, and press the 
the initial ticket. 


key to get 


The system prompts you for the Kerberos principal name. 


2. Type the principal name that you registered locally in the Kerberos database at 
the principal name prompt, and press the 





The system prompts you for the instance. 


3. Type the instance admin that you feg)sieied locally in the Kerberos database at 
the instance prompt, and press the = 2, 





The system prompts you for the rea/m name. 


4. Type the name of the petal key the Kerberos database resides at the realm 





See /BM TCP/IP Version 1.2 for OS/2: User’s Guide for more information about 
the KINIT command. 


5. ae ele at an OS/2 command prompt to start the KADMIN utility, and press 





Generating the Key File for an Instance—EXT_ SRTB 


The following example shows the format of the EXT SRTB command. 





The EXT_SRTB command is used by the host running the Kerberos database to gen- 
erate key files for hosts providing services. The instance is the instance whose key 
file is to be generated. Multiple instances can be specified on the same command 
line. 


The following steps describe how to generate the key files for instances. 


1. Type EXT_SRTB, followed by at least one instance at an OS/2 semen? prompt, 
on the host running the Kerberos database, and press the | key. 





The system prompts you for a password. 


2. pe Ene Kerberos master password at the password prompt, and press the 





For verification purposes, the system prompts you again for the master pass- 
word. 





3. Retype the master password at the password prompt, and press the |= 
for verification. 


If the password is correct, the system searches through the Kerberos database 
entries for each of the specified instances. For example, if you type EXT_SRTB 
inst1, the system searches through the Kerberos database, entries for the speci- 
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fied instance of instl. When the system finds inst], a key file INST1.STB is gen- 
erated. 


The following is an example of a key file INST1.STB. 





Copy each instance.STB key file to the ETC directory of the corresponding 
instance’s host and rename it to SRVTAB. 


4. Use the KLIST -srvtab command to see the contents of this key file. See /BM 
TCP/IP Version 1.2 for OS/2: User’s Guide for the usage of the KLIST command. 


Setting Up the Kerberos Servers 
This section describes how to set up the following Kerberos servers: 


e Authentication Server 
e Administration Server. 


See [BM TCP/IP Version 1.2 for OS/2: Programmer's Reference for additional infor- 
mation about the authentication server, which includes the ticket-granting server. 


Kerberos Authentication Server 


You must start the Kerberos authentication server before you can use the Kerberos 
system. The authentication server provides a way for authenticated users to prove 
their identity to other servers across a network. The authentication server reads the 
Kerberos database to verify that the client making the request is the client named in 
the request. 


Note: The authentication server must run on the same host as the Kerberos data- 
base. 


The following files must reside in your ETC directory or the directory specified by 
the ETC environment variable. 


¢ KRB.CNF 
e SERVICES 
¢ KRB.RLM (optional) 


The local realm specified in the first line of the KRB.CNF file must be the same as 
the realm name that is specified when running the KDB_INIT command. The service 
kerberos must be defined in the SERVICES file. 


To start the Kerberos authentication server, use the KERBEROS command. 


Chapter 12. Setting Up Your Kerberos System 133 


134 





The following example shows the format of the KERBEROS command. 














The only parameter of the KERBEROS command is: 
Parameter Description 
-m Prompts you to manually enter the Kerberos master 

password. 
To start the authentication server, tyoe KERBEROS -m at an OS/2 command prompt, 
and press the 
The following screen is an example of running the KERBEROS command: 
The system prompts you for a password. 
Type your Kerberos master password at the password prompt, and press the 
For verification purposes, the system prompts you again for the master password. 
Retype the master password at the password prompt, and press the key for 
verification. 
KERBEROS.EXE starts and runs until explicitly stopped. 
A log file called KERBEROS.LOG is created in the KERBEROS directory. All trans- 
actions done by the Kerberos authentication server are recorded in the 
KERBEROS.LOG file. 
Note: Because Kerberos continuously appends, you should periodically check the 
size of the KERBEROS.LOG file. 
You can now use the Kerberos system. See /BM TCP/IP Version 1.2 for OS/2: 
User’s Guide for a description of the Kerberos commands. 

/ 
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Kerberos Administration Server 
The Kerberos administration server allows you to modify the Kerberos database 
remotely. 


Note: The administration server must run on the same host as the Kerberos data- 
base. 






To start the administration server, type ADM_SERV at an OS/2 command prompt, 


saree 


SES 





SS 


and press the En er 
The password prompt is displayed. 


Type your Kerberos master password at the password prompt, and press the 


prac 
ae ogee 





ADM_SERV starts and runs until explicitly stopped. 


A log file called ADM SRV.LOG is created in the KERBEROS directory. All trans- 
actions done by the ADM_SERV are recorded in the ADM_SRV.LOG file. 


Note: Because Kerberos continuously appends, you may want to periodically check 
the size of the ADM _SRV.LOG file. 


You can now run the KADMIN utility on a remote host. See “Registering a Kerberos 
User Remotely — KADMIN” on page 130 for further information about the KADMIN 
command. 


Setting Up a Service and Client Application 


The services and clients in the application programs in the Kerberos system must 
be able to handle the authentication procedure. You can develop your Kerberos 
services and client’s applications using the SAMPLE_S and SAMPLE C programs, 
which are provided in the /BM TCP/IP Version 1.2 for OS/2: Programmer's Refer- 
ence. 


Setting Up a Service Application 


The following steps describe how to set up a service application. 
1. Add the service name to the file SERVICES in the ETC directory. 


The services provided in the Kerberos system should be able to support the 
authentication procedure. Hosts running the client application and the service 
application must have these entries in their SERVICES file. 


2. On the host where the Kerberos database resides, use KDB_EDIT to register the 
service name with the Kerberos database locally. Use the service name as the 
principal and the host name where the service is running as the instance. For 
example, ftp is the principal and the host name where the service is running, 
chrispc is used as the instance. Also provide a password for the service you 
register. The password is converted to the key for the service. 


After you register all the services provided by the same host chrispc, at an OS/2 
command prompt, type EXT_SRTB instance. For example, EXT_SRTB chrispc 
generates the file CHRISPC.STB. CHRISPC.STB is the file in which the server's 
keys are stored. The EXT _SRTB program resides in the host running the 
Kerberos database. 
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3. 


4. 


Transfer the key file to the host providing the services (for example, chrispc). 
Rename the key file to SRVTAB and put it in the ETC directory. 


You can now start the service on the host providing the services (for example, 
chrispc). 


Setting Up a Client Application 


The following steps describe how to set up a client application. 


1. 


Register the client with the Kerberos database locally using KDB_EDIT or 
remotely using the KADMIN function. | 


. Verify that the services you want are in the SERVICES file in the ETC directory. 


Include the server host name in the name server or in the HOSTS file in your 
ETC directory. 


. Edit the KRB.CNF file in your ETC directory to show the hosts on which the 


Kerberos authentication servers are running. 


. At an OS/2 command prompt, type KINIT to logon to the Kerberos authentication 


server. See /BM TCP/IP Version 1.2 for OS/2: User’s Guide for more information 
on the KINIT command. 


The KINIT command logs you onto the KERBEROS server and gets the initial 
ticket in the TKTO ticket file in the TMP directory on your host. 


. You can now start your Kerberos client application. If the ticket for the service 


you want is not in the ticket file, the client should obtain a service ticket for the 
service you want from the Kerberos authentication server by showing the initial 
ticket using the programming interface routines. See /BM TCP/IP Version 1.2 for 
OS/2: Programmer’s Reference for more information. 


. Use the KLIST command to see the list of the tickets in the client’s ticket file. 


. Use the KDESTROY command to delete the ticket file. 


See /BM TCP/IP Version 1.2 for OS/2: User’s Guide for the format and 
description of the parameters of the KLIST and KDESTROY commands. 


Example of Verifying the Kerberos Configuration 


TCP/IP for OS/2 provides a sample application client program and a sample applica- 
tion server program that can be used to verify your Kerberos installation and config- 
uration. 


This section contains examples of passwords and the following tasks that are used 
to set up, run, and verify your Kerberos system. 


Setting up the environment 

Creating the Kerberos database 

Starting the Kerberos authentication server 
Registering the sample service and the user 
Generating the key file for the sample service 
Transferring the service key file to the server 
Starting the sample server 

Getting the initial ticket 

Running the sample client program. 


Additional background information about the Kerberos functions is specified in the 
following sections. 
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Step 1: Setting Up the Environment 


The Kerberos database and authentication server must reside on the same host. 
The SAMPLE_S and SAMPLE _C programs can run on the same host as the 


Kerberos database and the authentication server, or the programs can run on other 


hosts. 


In this example, the hosts are assigned the following names: 


Host Name 


Service 


Client 


Master 


Description 


Specifies the name of the host on which the SAMPLE_S 


server is running. 


Specifies the name of the host on which the SAMPLE _C 


program is running. 


Specifies the name of the host on which the 
authentication server and the Kerberos database are 
running. 


You should verify that the following files reside on the specified host: 


File 
SAMPLE_C.EXE 
SAMPLE_S.EXE 
KERBEROS.EXE 
KDB_INIT.EXE 
KDB_EDIT.EXE 
EXT _SRTB.EXE 


Host 
Client 
Service 
Master 
Master 
Master 


Master 


In the following steps, replace the word service with the name of the appropriate 
host on which you are verifying the configuration. 


See “Setting Up the Environment” on page 123 for additional environment require- 


ments. 


Step 2: Creating the Kerberos Database—KDB_INIT 


The following steps describe how to create the Kerberos database: 


1. On the master host, type KDB_INIT at an OS/2 command prompt, and press the 





_ key to create and initialize the Kerberos database files. 


The system prompts you for the local rea!/m. 


2. Type the name of the local real 
realm prompt, and press the 3. 





t you defined in your KRB.CNF file at the 
2 key. 





The system prompts you for the master password. 
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3. Type krbpass at the password prompt, and press the key. 


For verification purposes, the system prompts you again for the master pass- 
word. 





4. Retype krbpass at the password prompt, and press the 
tion. 


key for verifica- 


After the Kerberos database files are initialized, an OS/2 command prompt is 
displayed. 


See “Creating the Kerberos Database—KDB _INIT” on page 127 for additional infor- 
mation about the Kerberos database. 


Step 3: Starting the Kerberos Authentication Server 


To start the authentication server, on gpa host, type KERBEROS -m at an 
OS/2 command prompt, and press the =) °-) 





The system prompts you for a password. 


See 
Senecetss 
Soe 
ae 





Type krbpass at the password prompt, and press the 
For verification purposes, the system prompts you again for the master password. 


/ key for verification. 





Retype krbpass at the password prompt, and press the 2. — 
KERBEROS.EXE runs until explicitly stopped. 


See “Kerberos Authentication Server” on page 133 for additional information about 
the authentication server. 


Step 4: Registering the Sample Service and the User 
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The following steps describe how to register a sample service and user locally. 


1. TE Key... host, type KDB_EDIT at an OS/2 command prompt, and press the 


The system prompts you for the Kerberos master password. 








2. Type krbpass at the password prompt, and press the @ 


For verification purposes, the system prompts you again for the master pass- 
word. 





3. Retype krbpass at the password prompt, and press the ‘Ent ar 
tion. 


lf the master password is valid, KDB_EDIT allows you to register a service. 


The system prompts you for the principal name. 
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4. Type sample at the principal name prompt, and press the 


Note: The services that you register must also be defined in the SERVICES file 
in your ETC directory. 


The system prompts you for the instance. 





'y ; 
6. Press the 2.020 








For verification purposes, the system prompts you again for the password. 


8. Retype sam at the password prompt, and press the E 






ee 
9. Press the 2) 


The following message is displayed if service, sample, is registered: 





The system prompts you for the principal name 





sms paren: 
. 2 Se 
ee ae 
Re SSS S Ses 
Eocene Bae 


10. Type userl at the principal name prompt, and press the 


The system prompts you for the /nstance. 


ee 


11. Press the 2..=. key fora null instance at the instance prompt. 





The message not found is displayed and the system prompts you for the Create 
'y f ; 
12. Press the 





13. Type use at the password prompt, and press the Er 





14. Retype use at the new password prompt, and press the 
tion. 





15. Press the 2.7.) 


The following message is displayed if user, userl is registered: 





The system prompts you for the principal name 





16. Press the | key at the principal name prompt to exit the registration 


process. 


See “Registering a Kerberos User Locally—KDB_EDIT” on page 128 for more infor- 
mation about the KDB_EDIT command. 
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Step 5: Generating the Key File for the Sample Service 
The following steps describe how to generate the key file, service.STB for the 
sample service. 


1. On the master host, type EXT_SRTB service at an OS/2 command prompt, and 
press the Key. 





The system prompts you for a password. 





2. Type krbpass at the password prompt, and press the | key. 


For verification purposes, the system prompts you again for the master pass- 
word. 


_ key for verifica- 





3. Retype krbpass at the password prompt, and press the 
tion. 


The system searches through the Kerberos database entries for the specified 
instance of service. When the system finds service, a key file SERVICE.STB is 
generated. 


An OS/2 command prompt is displayed. 


see “Generating the Key File for an Instance—EXT SRTB” on page 132 for 
further information about the EXT SRTB command. 


Step 6: Transferring the SERVICE.STB Key File to the Server 


The following steps describe how to transfer the SERVICE.STB key file to the server 
host. 


1. Use the FTP program to transfer the SERVICE.STB key file from the master host | 
to the service host as a binary transfer. ~ 


2. Rename the key file to SRVTAB and put it in the ETC directory. 


Step 7: Starting the Sample Server 


The following steps describe how to start the sample server, SAMPLE _S. 


On the service host, type SAMPLE_S at an OS/2 command prompt, and press the 
E key to start the sample Kerberos service application. 





The cursor should move to the next line to wait for requests from the sample client 
program. 


SAMPLE_S.EXE runs as a task until you shut down the server. 


Step 8: Getting the Initial Ticket 


The following steps describe how the user gets the initial ticket. 


1. ott the client host, type KINIT at an OS/2 command prompt, and press the 
(322. key to get the initial ticket. 





The system prompts you for the Kerberos name. 





2. Type userl at the Kerberos name prompt, and press the key. 


The system prompts you for a password. 





a 


key. 


3. Type use at the password prompt, and press the 


lf the KLIST command is successful, an OS/2 command prompt is displayed and 
the TKTO ticket file is generated in the TMP directory on the client host. 
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Step 9: Running the Sample Client Program 


To start the sample Kerberos client application program, type 
SAMPLE C service ose at an OS/2 command prompt on the client 
host and press the 3).55 





lf all parts of your Kerberos system (environment, Kerberos database, Kerberos 
authentication server, and client and service applications) are set up correctly, a 
message is displayed as a return from the SAMPLE_S program. The following is an 
example of the message that might be displayed: 








You are. user. @UNIV. DEPT. BIO (local name iderd) _ aa Le aps Pi ae 
at. address. 9.67.43, 74, version: VERSION: xX, ocksum: 100. De SU ie oe 
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Chapter 13. Setting Up the X Window System Server 


The X Window System is a distributed, window-based graphics system developed at 
Massachusetts Institute of Technology. TCP/IP Version 1.2 for OS/2 supports 
Version 11 Release 4 (X11R4) of the X Window System server (X server) function. 


The OS/2 X server enables users to display and control X Window System client (X 
client) application programs in an OS/2 Presentation Manager (PM) windowed 
session. These client application programs can reside in one or more IBM or other 
computing systems that support the X client function. They are connected to the 
OS/2 X server host through a TCP/IP network. IBM systems that currently have X 
client capability include VM, MVS, and AIX (RISC/6000, PS/2, and S/370). 


The X server function uses OS/2 PM as the X window manager and supports all of 
the keyboard, display, and pointer devices that are supported by OS/2 PM. Using 
PM as the X window manager enables OS/2 PM windowed applications and X client 
applications to share the same screen. As a result, another window manager (for 
example, aixwm or mwm) cannot act as the window manager for the OS/2 X server. 


Setting up the X Server Support 


The TCP/IP V1.2 for OS/2 X Window System server support is composed of the fol- 
lowing components: 


e OS/2 X Server Software (PMX.EXE) 
e X Font Support 
e X Clients and Utilities. 


All the components are installed when you select X Window System Server from the 
ICAT install menu. ICAT installs the required files into the TCP/IP for OS/2 product 
directory structure by default. Many X server database files required by the X 
server software for initialization and operation are installed in a subdirectory named 
X11, by default. If you allow ICAT to update to your CONFIG.SYS file, ICAT sets an 
environment variable called XFILES to the X11 subdirectory path. The X server soft- 
ware, PMX.EXE, references the XFILES environment variable to locate the database 
files. If XFILES is not set properly, PMX.EXE fails to execute. 


Note: The X11 subdirectory tree can be located wherever you prefer, as long as the 
corresponding environment variable, XFILES, is set accordingly. In this book, the 
location of the X11 subdirectory is represented as X11. For a particular configura- 
tion, X11 represents the directory to which the XFILES environment variable points. 


After installing the X server support using ICAT, you can choose to do one or more 
of the following to customize the X Window System server to your requirements: 
¢ Configure options from ICAT: 


— Automatically start the X server when the OS/2 system starts 
— Create or modify the XOHOSTS file 
— Set the DISPLAY environment variable for the X client utilities. 


e Install Additional X-Fonts 
e Modify the Color Database. 
The following sections describe the procedures listed above. For information about 


starting the server, see “Starting the X Server” on page 147. For information about 
the XOHOSTS file, see “The X Client Host Authorization File (XOHOSTS)” on 
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page 146. For information about how to install additional X fonts, see “Installing 
Additional X Fonts” on page 150. For information about how to modify the color 
database, see “The Color Database (RGB.TXT)” on page 147. 


Note: All of these actions are optional, and you can go back and perform any of 
these steps at a later time. If you do perform any of these customization procedures 
later, restart the X server software to activate the changes. 


Once you have completed customization, reboot the machine to activate changes 
that ICAT makes to your CONFIG.SYS. If you chose to automatically start the server 
from the ICAT menu, PMX will start when the system restarts. If PMX does not start, 
see “Starting the X Server” on page 147. 


The X Server (PMX.EXE) 


The following section describes the X server files and gives information about the 
OS/2 X server PMX.EXE. 


Files Used by the X Server 
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The X server accesses a number of files during initialization and operation. Some 
of these files are used to define screen colors, authorize client host access, and 
create font images. ICAT installs these files into the TCP/IP for OS/2 product direc- 
tory structure in a subdirectory named X11 by default and sets an OS/2 environment 
variable, XFILES, to point to it. The PMX.EXE server software references the value 
of XFILES to locate the files. (An exception to this is the XOHOSTS file, which is 
installed into the directory pointed to by the ETC environment variable.) 


By convention in this book, X11 represents the directory path set by the XFILES 
environment variable. This is normally the directory TCPIP\X11 on the drive where 
the TCP/IP for OS/2 software is installed. If the XFILES environment variable is not 
set correctly, PMX.EXE fails to execute. 


The X Client Host Authorization File (XOHOSTS) 

PMX uses the XOHOSTS file to identify the X client hosts on the network that are 
authorized to connect to the X server. This file is not supplied with the server, but 
you can create it using ICAT or a text editor. The XOHOSTS file for PMX corre- 
sponds to the X0.hosts file on a UNIX host running the X server. 


In the XOHOSTS file, you should have only one host name for each line. The names 
in XOHOSTS should be either names recognized by your TCP/IP network domain 
name server or names included in your ETC\HOSTS file. Use only names, no 
internet addresses. The XOHOSTS file does not have the same format as the 
TCPIP\ETC\HOSTS file. The following is an example of the XOHOSTS file: 


cambridg 
cambvm3 
als-ps2 
als-at 


The file XOHOSTS can reside in the directory named in the ETC environment vari- 
able. This environment variable normally points to TCPIP\ETC on the drive on 
which TCP/IP resides. If the XOHOSTS file cannot be found in the directory named 
by the ETC environment variable, then a client cannot access the server, unless the 
XHOST utility is used to permit access. 


IBM TCP/IP Version 1.2 for OS/2: Installation and Maintenance 


The Color Database (RGB.TXT) 

By default, the color database is found in the file X11\RGB.TXT. On a UNIX Window 
System server, this file is used as the source of a small relational database. PMX 
uses this file directly, reading it into memory and keeping it sorted by color name. 
The X11\RGB.TXT file shows a mapping between a large number of color names 
and some RGB (Red-Green-Blue) values. There is more than one example color file 
included with the server. You can customize the color database by editing RGB.TXT 
with a text editor and changing the RGB values associated with a particular color 
name. You can also add color names and associated RGB values to create new 
colors in the database. PMX uses information from the Presentation Manager to 
map RGB values into indexes to Presentation Manager color tables. 


X Font Files 

X font files are used by the X server to create text images for X client applications. 
The OS/2 X server program includes X fonts supplied from the MIT X11R4 distrib- 
ution, as well as IBM AIX X Windows products. These files have a file extension of 
.SNF, for Server Natural Format, and reside in the X11\MISC and X11\75DPI subdi- 
rectories. 


By default, PMX.EXE searches for the X font files in X11\MISC, then in X11/75DPI. 
You can change the default font directories and search order by using the -fp option 
of PMX.EXE. You can also dynamically override the defaults by using the fp param- 
eter of the XSET command. 


For more information about X font support for the OS/2 X server, see “X Font 
Support” on page 148. 


Starting the X Server 
Start the X server from a PM group menu, from an OS/2 command line, or from a 
batch (CMD) file. 


The following example shows the format of the PMX command. 





The parameters for the PMX command are: 


Parameter Description 

-an Sets mouse acceleration (n is the number of pixels). 

-co filename Sets color database file name. The default filename is 
X11\RGB.TXT. 

-fc fontname Sets cursor font. The default is the font named cursor. 

-fn fontname Sets default font. The default is the font named fixed. 

-fp pathname Sets default font path. The default is X11\MISC,X11\75DPI 

-help Displays help information (will not start the X server). 

-Ic Doubles the dimensions of any cursor, unless the cursor 
would become too large for a PM cursor. 

-nocopyright Does not display initial copyright window when starting the 
server. 
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-r Turns off the keyboard auto-repeat function. 


r Turns on the keyboard auto-repeat function. This is the 
default. 

-tn Sets mouse threshold (n is the number of pixels). 

-ton Sets connection time-out (n is the number of seconds). 

-I Ignores all remaining arguments. 


In the case of the font path (-fp pathname), multiple directories are separated by 
commas, rather than blanks. For example, to start the server with both the miscel- 
laneous and the 75 dot per inch (dpi) font directories, as well as your own personal 
fonts directory C:\myfonts, specify the following command parameters: 


pmx -fp d:tcpip\X11\misc,d:tcpip\X11\75dpi,c:\myfonts 
This example assumes that you installed TCP/IP on drive d: in the \tcpip directory. 


For more information about X fonts, see “X Font Support” on page 148. For more 
information about the color database and font files, see “The Color Database 
(RGB.TXT)” on page 147 and “How the OS/2 X Server Accesses Fonts” on 

page 149. 


Implementation Notes 

The READ.ME file on the installation diskettes provides information about PMX 
implementation, enhancements, and restrictions. The following describes additional 
information about the X Window System server. 


e The X server is ported from the MIT X Consortium X11R4 distribution. 
e Because PM is the window manager, you cannot use other window managers. 


¢ For OS/2 machines that have a pointing device with only two buttons, the middle 
button is simulated by pressing both the right and left buttons simultaneously. 


e Save unders and backing store are currently not supported. 


¢ No X extensions are currently supported in the OS/2 X server, including the 
shape extension included with the MIT Consortium X11R4 distribution. 


¢ PMX supports only StaticColor and StaticGray visuals, so the color tables have 
only read-only entries. 


X Font Support 


The following sections describe the X font support supplied with the OS/2 X server. 


Fonts Included with the OS/2 X Server 


The X font files included with the OS/2 X Server support are located in the X11\MISC 
and X11\75DPI subdirectories. The fonts in these directories were supplied from 
IBM AIX X Windows products, as well as from the MIT X Consortium X11R4 distrib- 
ution. 


X fonts that your client applications need, but are not included with OS/2 can be 
imported from other systems for use with the OS/2 X server. For information about 
enhancing the OS/2 X server font support with X fonts from other systems, see 
“Installing Additional X Fonts” on page 150. 
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How the OS/2 X Server Accesses Fonts 


X font files are files with a file name extension of .SNF. The X Server locates and 
accesses font files by using the FONTS.DIR and FONTS.ALI files of the directories in 
the font path. There must be exactly one FONTS.DIR file and zero or one FONTS.ALI 
file in each directory in the font path. The FONTS.DIR and FONTS.ALI files are used 
to map X font names, as specified to the X server by requesting X client applica- 
tions, to X font file names known to the local X server. The mapping of X font names 
to file names removes the need for the X clients to know about the local file system 
characteristics and naming conventions. 


The Font Search Path 

Font information is found along a search path defined to the server. The font path 
can be changed dynamically as the server runs by using the XSEF utility or appro- 
priate X Window System protocol messages from clients. The server searches for a 
file named FONTS.DIR and a file named FONTS.ALI in each directory in the font 
path. These files are used to map font names into font files in that directory. 


Additional directories with FONTS.DIR and FONTS.ALI files can be specified. For 
example, to start the X server with both the miscellaneous and the 75 dpi fonts, as 
well as your own personal fonts in a directory c:\myfonts, specify the following 
command: 


pmx -fp d:tcpip\X11\misc,d:tcpip\X11\75dpi,c:\myfonts 


The FONTS.DIR Files 

FONTS.DIR files are created using the MKFONTDR program after you compile the 
fonts. For more information on the MKFONTDR program, see /BM TCP/IP Version 
1.2 for OS/2: User’s Guide. The FONTS.DIR files contain a list of the font files ina 
directory, and the font names, that are read from the font files. Recent fonts created 
with conventions that have become standard for the X Window System since 
Release 3 have names that are long and contain information about the font. Wild 
card characters can be used to simplify the search for a font when a client program 
specifies a font. You can use either upper or lower case in your font patterns 
because the case of letters in font names is ignored. 


The first line of the FONTS.DIR file contains an integer specifying the number of 
fonts. The rest of the lines in the file contain two pieces of information, separated by 
one or more blanks. The first item on each line is the OS/2 file name. An example 
file name would be 9X15.SNF. The second item on each line is the font name, which 
is known to the X server. An example font name would be 9x15. The font name is 
extracted from information in the font file, and is not derived from the OS/2 file 
name. 


The FONTS.ALI Files | 

The file FONTS.ALI (in UNIX this would be FONTS.ALIAS) that can be put in any 
directory of the font path, is used to map new names to existing fonts, and should be 
edited by an editor. Each line in the file normally contains two items, separated by 
one or more blanks. The first item is the alias you use for a font. The second con- 
tains a font-name pattern. 


To embed white space in either the alias or the font name pattern, enclose either of 


them in double-quote marks; to embed a double-quote mark (or any other special 
character), precede the character with a backslash. 
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When a font alias is specified by a client, the name it references is searched for by 
looking through each font directory (FONTS.DIR file). This means that the aliases do 
not have to reference fonts in the same directory as the FONTS.ALI file. 


If the string FILE NAMES ALIASES stands alone on a line in the FONTS.ALI file, 
each filename in the directory (stripped of its .SNF extension) is used as an alias for 
that font. 


Each directory in the font path can have a FONTS.ALI file. When PMxX is installed, a 
FONTS.DIR and FONTS.ALI file will be installed in each font directory. 


Installing Additional X Fonts 
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You can use X fonts, which are not included with the TCP/IP for OS/2 X server 
support. For example, you can have an X client application which requires a special 
font that is available on a UNIX or AIX machine but is not included with the OS/2 
support. In this case, you can install the needed fonts on the OS/2 machine for use 
by the OS/2 X server software. 


To install additional X fonts, locate the X font source file for the font you wish to 
install. Typically, X font source files have a file extension of BDF (such as 
COURBO08.BDF). Once you have located the font source file, copy it to a drive on 
your OS/2 machine. 


Next, compile the font source file using the BDFTOSNF X font compiler utility. 
BDFTOSNF takes the .BDF font source file as input and creates a new file in server 
natural format. This new file has a file extension of SNF (such as COURBO8.SNF) 
and contains information that can be used by the OS/2 X server to create character 
images for display in X windows. All fonts that are used with the OS/2 X Server 
must be compiled using the BDFTOSNF utility. Fonts compiled with the BDFTOSNF 
X utility on other operating systems will not create a .SNF file which is usable by the 
OS/2 X server. For more information about compiling X fonts and the BDFTOSNF X 
utility program, see /BM TCP/IP Version 1.2 for OS/2: User’s Guide. 


After the font has been compiled, the resulting .SNF file must be placed in a direc- 
tory where the OS/2 X server can find it. You can choose to put the file in a default X 
font directory (for example, TCPIP\X11\MISC) or in another directory. If you choose 
to put the .SNF file in a directory other than one in the default font path, you need to 
identify that directory to the X server by using the font path (-fp) option when you 
start PMX. See “Starting the X Server” on page 147 or “How the OS/2 X Server 
Accesses Fonts” on page 149 for more information on specifying font paths. 


Finally, after you have compiled the X font and moved the file to the chosen direc- 
tory, you must run the MKFONTDR utility on that directory. MKFONTDR creates or 
updates the FONTS.DIR file in the directory. The FONTS.DIR file is used by the OS/2 
X server to map a particular font name, as requested by an X client application, toa 
font file in the same directory. 


The installation of the additional font is now complete. To activate these changes, 
you can either restart the X server or use the rehash option (fp rehash) of the XSET 
utility. Either of these actions will cause the server to re-read the FONTS.DIR files 
in the directories of the current font paths. 
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The following list summarizes the steps needed to load additional fonts for use by 
the OS/2 X server: 


1. Locate the X font source file and copy the file to your OS/2 machine. 


2. Run BDFTOSNF on the source file to create the server natural format (SNF) font 
file useable by the X server. 


3. Copy the resulting .SNF file to a default font directory or a directory known to the 
server (by using the -fp option of PMX.EXE). 


4. Run the MKFONTDR utility on that directory to update the FONTS.DIR file. 


5. Restart the X server or issue “XSET fp rehash” to activate changes to the 
FONTS.DIR file. 


X Clients and Utilities 


The following X client and utility programs are included with the OS/2 X Server soft- 
ware to help in administering and customizing the PMX server. The X clients are 
based on the MIT Consortium X11R2 distribution, and are intended for use with the 
OS/2 X server only. All the programs listed below that start with an X are X clients. 


Program Description 

BDFTOSNF Font compiler 

MKFONTDR Font directory builder 
SHOWSNF Font file display utility 

XFD Font display utility 

XHOST Client host access control utility 
XLSFONTS Font listing utility 

XMODMAP Keyboard modifier utility 

XSET Set user preference utility 
XWININFO Window information utility. 


Note: All the X client utilities rely on the user-defined OS/2 environment variable 
DISPLAY to determine which X server to use by default. ICAT optionally inserts a 
statement into your CONFIG.SYS that sets the value of DISPLAY when the OS/2 
system boots. You should specify the value for DISPLAY in the ICAT Configure Ser- 
vices menu. 


The value for DISPLAY has the format <Host>:<Dpy>. Host must be either an 
internet host address or a host name that can be resolved to an internet address. A 
host name can be resolved to an internet address through queries to the network 
domain nameserver, if one is present, or through reference to an entry in your 
ETC\HOSTS file. 


For best results, consider setting DISPLAY to the value of 
<your_host_internet_addr>:0. For example, if your host internet address is 
9.67.30.44, you can set the DISPLAY field in the ICAT Configure Services menu to 
the value 9.67.30.44:0. By using your host address you will avoid having to perform 
host name to address translation. If the internet address of your host machine 
changes, you must also change the value of the DISPLAY environment variable, 
either by editing your CONFIG.SYS directly or by changing the DISPLAY variable 
field in the ICAT Configure Services menu. 


For more information about the X clients and utilities, see /BM TCP/IP Version 1.2 
for OS/2: User’s Guide. 
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The following steps describe how to install and configure your TCP/IP for OS/2 X 
Window System Server software. 


Step 1: Install the X Server Software from Diskettes: The following steps describe 
how to install the X server software from diskettes into the TCP/IP for OS/2 directory 
tree using the ICAT program. 


1. From an OS/2 command prompt, type ICAT. When the main ICAT menu screen 
appears, select the INSTALL button to enter the TCP/IP for OS/2 option installa- 
tion menu. 


2. Select the box adjacent to the “X Window System Server” feature to install the 
OS/2 X server. If you do not have a mouse, you may tab through the features 
until the box you wish to select is highlighted, and then press the space bar to 
make the selection. 


Note: By default, the OS/2 X server software is installed on the drive and in the 
directory where ICAT has determined that you installed your TCP/IP for OS/2 
base software. If you wish to change the install path, edit the text in the path 
field. 


3. Select the INSTALL button at the bottom of the menu to begin the installation 
process for the X server. Follow the directions for inserting the X server 
program diskettes until ICAT indicates that the installation is complete. 


Step 2: Configure the Options to Start the X Server Automatically: The following 
steps describe how to configure the options to start the X server automatically when 
you bring up the system. 


1. Select CONFIGURE from the ICAT main menu to enter the TCP/IP Configuration 
Tool window. 


2. Select the “Automatic Starting of Services” menu, and page forward until the 
“Enable this machine to function as an X server” option appears. 


3. Select the box adjacent to the “Enable this machine to function as an X server” 
option to automatically start the X server. The -nocopyright parameter of PMX is 
included by default. 


Step 3: Configure the X Server: The following steps describe how to configure the X 
server options from the ICAT “Configure Services” window. 


1. Exit from the “Automatic Starting of Services” menu and return to the TCP/IP 
Configuration Tool window. Select the “Configure Services” option to enter the 
“Configure Services” window. 


2. Enter default X client host authorization for trusted machines by entering the 
host name in the XOHOSTS window box. Enter the host names by using the edit 
options at the top of the menu. 


Note: You can use host names only in the XOHOSTS window box; no host 
addresses are allowed. Your TCP/IP for OS/2 software must be able to resolve 
these names into internet addresses, either by querying your TCP/IP domain 
name server or by referencing your ETC\HOSTS file. 


3. Enter the default DISPLAY environment variable used by the X client utilities to 
indicate the X server to which to direct their requests. You should enter your 
own host’s name or internet address immediately followed by :0. This enables 
the X client commands to reference the (local) OS/2 X server by default. 
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Step 4: Exit ICAT and Reboot the Machine: The following steps describe how to 
activate changes made to your CONFIG.SYS and start your X server automatically. 


1. The ICAT program added the XFILES and DISPLAY environment variables to 
your CONFIG.SYS. Rebooting the machine and restarting the OS/2 system 
causes these changes to take effect. 


2. Your X server software executable, PMX.EXE is now started automatically each 
time your OS/2 system is started. 


Testing the X Server with the Hello World Program 


The TCP/IP for OS/2 product includes a hello world program, which is an X client 
application, that runs on OS/2 and can be used to verify that the X server has been 
set up correctly. The hello world program accepts one optional argument, which is 
the name of a font in usual X Window System font name form. Before starting the 
hello world program, you should make sure the X server is running. For more infor- 
mation about starting the X server, see “Starting the X Server” on page 147. 


You can start the hello world program by typing the following: 


xhello 


A small PM X window should appear with the message “hello world.” If the 
message appears, you are ready to use the PMX server with the X client utilities 
included with the OS/2 X Server software or with other X client applications on other 
systems. 


If an error message is displayed, which indicates that the XHELLO program could 
not open the display, the DISPLAY environment variable is either not initialized 
properly or not initialized at all. The DISPLAY environment variable is used by X 
client utilities to specify the default X server at which to direct requests. Possible 
sources of the problem are: 


¢ You did not initialize the DISPLAY variable from the ICAT Configure Services 
menu 


e You have not rebooted your OS/2 machine after correctly initializing the 
DISPLAY variable while inICAT. This caused the DISPLAY environment vari- 
able, which is set in your CONFIG.SYS, not to be recognized. 


¢ You initialized the DISPLAY variable while in ICAT, but the program was unable 
to use the value of DISPLAY to access the designated X server. 


To correct any of these cases, you should go back into an ICAT session and set the 
DISPLAY variable properly and then reboot the machine. For best results, DISPLAY 
should be set to the value your_host_internet_addr:0. For example, if your internet 
address is 9.67.30.44, you should set the DISPLAY field in the ICAT Configure Ser- 
vices menu to 9.67.30.44:0 


As an alternative to rebooting, you may set the DISPLAY variable at an OS/2 
command prompt by issuing SET DISPLAY = your_host_internet_addr:0. This will 
allow you to use X clients from within this OS/2 session (only) without having to 
reboot the machine. 
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Chapter 14. Boot Protocol (BOOTP) 


This section describes how to set up BOOTPD (Server) and BOOTP (Client). The 
Boot Protocol (BOOTP) enables a client to get an IP address and other information 
from a server. 


Setting up the Server 


The BOOTPD server must have a BOOTPTAB file, which is a correspondence file for 
hardware addresses and IP addresses. A sample BOOTPTAB file is included in the 
TCPIP\ETC directory. You must change this file to contain hardware addresses, IP 
addresses, gateway addresses, and name server addresses for the local network. 
Use the sample BOOTPTAB file in Appendix G, “Sample BOOTPTAB File” on 

page 233 as a pattern, and replace addresses and names. 


To find the hardware addresses of installed terminals, use the NETSTAT command, 
with the -n parameter, on the installed terminal. For more information about the 
NETSTAT command, see /BM TCP/IP for OS/2 Version 1.2: User’s Guide. 


You must verify that the SERVICES file in the ETC directory contains the following 
two lines: 


sbootp 67/udp #bootp server 
cbootp 68/udp #bootp client 


Use the BOOTPD command to start the BOOTPD server. 


The following example shows the format of the BOOTPD command. 





The parameters of the BOOTPD command are: 
Parameter Description 


-d Causes debug information, such as hardware address, to be displayed 
on the server terminal. You must use multiple -ds to display any 
debug information. Each additional -d increases the amount of debug 
information. 


BOOTPD.EXE runs as a task until you shut down the server. 


Note: BOOTP broadcast packets are used for transfer and only reside on the local 
network. They do not pass through a router to another network. 


The following is an example of a bootpd response: 
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You must verify that the TCPIP\ETC\SERVICES file contains the following two lines: 
Sbootp 67/udp #bootp server 
chootp 68/udp #bootp client 


After you set up the TCPIP\ETC\SERVICES file, use the BOOTP command to start the 
BOOTP client. 


The following example shows the format of the BOOTP command. 





The parameters of the BOOTP command are: 


Parameter Description 


? Displays the list of parameters and their meaning. 
lanO Broadcasts to the lan0O network. This is the default. 
lant Broadcasts to the lan1 network. 

lan2 Broadcasts to the lan2 network. 

lan3 Broadcasts to the lan3 network. 


Note: lanx is the network of the BOOTPD server. 


The client executes and outputs the response from the server to the client’s terminal 
screen as quickly as the connection has been made. 


The following is an example of BOOTP response. 





Note: The numbers shown are only examples. Your response numbers and names 
will be different. 


In this example, the IFCONFIG and ROUTE commands are executed, the 
TCPIP\ETC\RESOLYV file is checked, and a RESOLV file is created. A RESOLV file 
uses the domain name server information in the received packet from the server. If 
the RESOLV file already exists, it is updated. 


BOOTP.EXE exits after the output is printed on the client’s terminal screen. 


Note: If BOOTP is executed and is not successful, SETUP.CMD should be run to 
restore your address configuration before PING and other commands can be run. 
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Chapter 15. Security Issues 


This chapter contains information concerning security issues in TCP/IP for OS/2. 
Security is a concern in all TCP/IP implementations, and the issues are not limited 
to the OS/2 implementation. Therefore, the information in this chapter is not 
intended to solve general TCP/IP security issues, but to indicate specific instances 
in the OS/2 TCP/IP implementation where users can make their hosts more secure. 


File System 


The OS/2 operating system was designed to be a multitasking, but single-user oper- 
ating system. Therefore, the file system is not partitioned into separate user space 
for each user. 


Most other TCP/IP implementations reside on multi-user operating systems having 
built-in features that can restrict individual users from viewing other users’ directo- 
ries and files. By using TCP/IP for OS/2, the OS/2 operating system can effectively 
become a multi-user system, but the OS/2 file system is still a single-user file 
system. When an OS/2 TCP/IP server, such as Telnet, gives access to a TCP/IP 
Telnet client, any file on the OS/2 host can be accessed. 


Environment Variables 


The TCP/IP for OS/2 implementation uses OS/2 environment variables to store the 
Telnet server and REXEC server passwords. Environment variables that are 
defined in the CONFIG.SYS file are defined for every session that is started. Envi- 
ronment variables that are defined in an OS/2 session are valid only for that 
session. 


The OS/2 Installation and Configuration Automation Tool (ICAT) was designed to 
make the TCP/IP installation, configuration, and startup easy for the user. The envi- 
ronment variables are defined in the CONFIG.SYS file. 


If you are concerned with security, do not put the Telnet and REXEC environment 
variables in the CONFIG.SYS file. Type them immediately before starting the 
respective server in the same session. This method prevents the values of the envi- 
ronment variables from being available in another OS/2 session or having them 
stored in the CONFIG.SYS file, which may be accessible from another TCP/IP client. 


Accesses Defined by the FTP Server 


The TCP/IP for OS/2 FTP server can define read-only access for an FTP client. In 
the OS/2 file system, read-only means that you can read a file on the FTP server 
host. This may include the CONFIG.SYS file, which can define Telnet or REXEC 
authorization. This may also allow you to read SMTP mail messages. 


The FTP server allows you to restrict directory path access to subdirectories ona 


per-client basis. Users can access only directories and subdirectories defined to 
them by the FTP server. 
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NETRC File 


The NETRC file is an optional file that is used by FTP and REXEC clients to automat- +S 
ically log on to foreign hosts without being prompted for user IDs and passwords. 
The NETRC file contains security information about other hosts. You do not have to 
name the NETRC file NETRC, nor does it have to reside in the ETC directory. You 
can define the name with the NETRC environment variable. 


Warning: If you have a Telnet, REXEC, TFTP, RSH, or FTP server running on your 
machine, you should not create a NETRC file, because it provides users with user 
and password information that may allow them access to other users’ files. 


Note: Do not assume that because the file is named something other than NETRC, 
and the NETRC environment variable is not defined in the CONFIG.SYS file, that the 
file is safe. Software utilities can be written (such as UNIX’s grep command) that 
can search for keywords in files and identify the file. 


TFTP Server without a Limited Directory Path ‘ 


SLIP Network Interface 


The TFTP server does not require that the TFTP client supply any type of user 
authentication. However, the TFTP server can be started with a restricted directory 
path. Starting the TFTP server without a limited directory path allows any one to 
destroy files existing on their system. For more information about the TFTP path 
parameter, see “TFTP” on page 71. 


Running TCP/IP with the SLIP interface, with the modem in auto-answer mode 
(SLIPCALL -a), could be a security issue on your network. To avoid placing the 
modem in auto-answer mode, do not issue the SLIPCALL -a command. As an alter- 
native method, turn auto-answer off by invoking the SLIPCALL -r command. Some 
modems have a hardware switch setting for auto-answer; therefore, the 

SLIPCALL -r can not turn off auto-answer. 


The Kerberos Authentication System is a security feature that provides interfaces 
that can be used to write applications that use Kerberos with TCP/IP. 


Chapter 12, “Setting Up Your Kerberos System” describes how to set up your 
Kerberos system. /BM TCP/IP Version 1.2 for OS/2: User's Guide provides an over- 
view of the Kerberos Authentication System. /BM TCP/IP Version 1.2 for OS/2: 
Programmer’s Reference describes the Kerberos Authentication System and the 
Kerberos routines you can use to write applications. 
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Authorizing X Client Hosts 


The OS/2 X server provides basic X client host authorization by two mechanisms, 
the ETC\XOHOSTS file and the XHOST authorization utility. The XOHOSTS file is 
read during X server initialization and defines the network hosts that can access the 
services of the OS/2 X server. The XHOST utility is used to dynamically change or 
override the list of authorized hosts. 


For more information about the XOHOSTS file and the XHOST utility, see /BM TCP/IP 
Version 1.2 for OS/2: User’s Guide. 
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Appendix A. Optional Files 


This appendix contains the files that can be created to be used by certain applica- 
tions in TCP/IP for OS/2. 


Table 3. Usage of Optional Files for TCP/IP for OS/2 


Name of File 
EXPORTS 
FSTAB 


GATEWAYS 
HOSTS 
INETD.LST 
KRB.CNF 


KRB.RLM 
MIB2.TBL 


NETRC 
PINGHOST.LST 
PW.SRC 
RESOLV 
RHOSTS 


SNMP.PW 
SNMPTRAP.DST 


TRUSERS 
XOHOSTS 
X25DIR 
X25iP 
X25RTE 


Used by 
NFS server 


NES client 


ROULIED Server 
Any client or server 
Selected servers 


Kerberos clients 


Kerberos clients 


Several SNMP commands 


FTP and REXEC clients 
PMPING 

SNMP Agent 

Any client or server 


RSH Server 


SNMP Agent 


SNMP Agent 


FTP Server 

X Server (PMX) 
X.25 Interface 
X.25 Interface 
X.25 Interface 


Purpose of File 
Specifies directories that clients can mount. 


Specifies a list of mount commands to be automatically 
performed during startup. 


iaentifies gateways. 
Resolves host names if a name server is unavailable. 
Defines servers that are to be activated. 


Specifies the host that is running the Kerberos 
Authentication Server. 


Specifies the realm name. 


Defines the mapping between an object’s ASN.1 notation 
and an object’s textual notation. 


Alternative source for user and password. 
Specifies a list of hosts to be monitored. 
Plain text list of community name(s) for the SNMP agent. 


Provides domain name and name server address. 


Specifies the hosts that are authorized to use the RSH 
Server. 


The scrambled version of the PW.SRC file which is used 
by the agent. 


Specifies destination hosts that receive TRAP mes- 
sages. 


Verifies user and password. 

Authorizes hosts to connect to OS/2 X Server. 
Specifies the X.25 remote directory name. 
Specifies the X.25 local directory name. 


Specifies the X.25 route name. 


These files, with the specified names, must reside in the ETC directory or in the 
directory specified by the ETC environment variable. The required format of these 
files is listed in the following table. 
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Table 4 (Page 71 of 3). Contents of Optional Files for TCP/IP for OS/2 


Name of File 


EXPORTS 


FSTAB 


GATEWAYS 


HOSTS 


INETD.LST 


KRB.CNF 
KRB.RLM 


MIB2.TBL 
NETRC 


PINGHOST.LST 


Contents of File 


directory client [client]... 


mount command line 


or 


mvslogin command line 


Sample of File 


c:\ ashlin 
f:\appsource build dev.com 


MOUNT -u32 -g5 x wolly1:/home/andy 

MOUNT -landrew x wolly1:/home/andrew 

MOUNT -v v: ralvmx:nibmaaa.191,user = nibmaaa,rw 
MOUNT -u -g z:mvs1:myid,text 

MVSLOGIN -p mvs1 myid 


{net | host} namel gateway name2 metric value {active | passive | external} 


net net2 gateway host4 metric 4 passive 

host host3 gateway host4 metric 4 passive 

host host10 gateway 192.9.201.5 metric 9 active 
host host10 gateway 192.8.201.5 metric 8 external 


internet_address host_name [alias(es)][# comment] <carriage return> 


application protocol server 


realm host_name [admin server | 


domain_name realm 


or 


host_name realm 


textual name asn.1_name syntax 


124.34.216.1 Host1 joansPC PC1 educdept 
124.34.216.3 PC3 edsPC Host3 # This is Ed’s PC 
124.34.216.5 PC5 janetsPC 


telnet tcp telnetd 


exec tcp rexecd 
ftp tcp ftpd 
printer tcp Ipd 
tftp udp tftpd 
shell tcp rshd 
Where: 


telnet is the service, tcp is the protocol, and 
telnetd is the server to be activated. 

exec is the service, tcp is the protocol, and 
rexecd is the server to be activated. 


univ.educ.chem chrispc admin server 


.educ.chem univ.educ.chem 
.educ.bio univ.educ.bio 
chrispc univ.educ.chem 
joanpc univ.educ.bio 


sysDescr 1.3.6.1.2.1.1.1.0 display 


machine host_name [login user_id] [password password | [ account account| [macdef macroname | 


host_ip_address 


description 


machine raleigh login kent password baseball 

machine boston login chris password boz macdef mymacro 
bell 

hash 

prompt 

binary 

cd c:\mydir 

get myfile.bin 


machine phoenix login writer password account payday 


9.67.30.100 **Nameserver-Call_Dan 
9.67.22.1 RALVMM_via_3172-Call_IS 
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Table 4 (Page 2 of 3). Contents of Optional Files for TCP/IP for OS/2 


Name of File 


PW.SRC 


RESOLV 


RHOSTS 


SNMPTRAP.DST 


TRUSERS 


XOHOSTS 


X25DIR 


X25IP 


Contents of File 


Sample of File 


community_name desired_network snmp_mask 


domain domain_name 
nameserver internet_address 


host_name.domain_name [user | 


host_name UDP 


user: user_name [password | 
rd{“]: [[path] path... ] 
wr[“]: [[ path] path... | 


host_name 


ipaddress directory name 
default directory_name 


directory_name 


passwd 9.0.0.0 255.0.0.0 
passwd2 129.34.81.22 255.255.255.255 


domain eng.mit.edu 
nameserver 129.34.128.245 
nameserver 129.34.128.246 


kant.watson.ibm.com Scott 
jorge.raleigh.ibm.com 


Where: 


Scoti is the oniy user on kant.waison.idm.com that is 
served and all users on jorge.raleigh.ibm.com are served. 


124.34.216.1 UDP 
Manager2 UDP 


user: chris boz 
rd: d:\c:\ 
wr: d:\tmp c:\tmp 


Where: 


chris is the user, boz is the password for chris, rd: d:\ 
c:\ gives chris access to read files and subdirectories in 
the c:\ and d:\ directories and wr: d:\tmp c:\tmp gives 
chris access to write to files and subdirectories only in 
the c:\tmp or c:\tmp directories. 


mpw.tcpip.rtp.ibm.com 
glenns_mod8sg0 
als_mod95 


9.67.22.1 REMOTE 
9.67.22.2 REMOTE2 
default REMOTE3 


Where: 


REMOTE1, REMOTE2, and REMOTES are remote direc- 
tory entry names defined in a Communications Manager 
X.25 configuration file. IP packets with a destination 
address of 9.67.22.1 generate an X.25 call request to the 
DTE address defined in REMOTE1. IP packets with a 
destination address of 9.67.22.2 generate an X.25 call 
request to the DTE address defined in REMOTE2. All 
other IP packets generate an X.25 call request to the 
DTE address defined in REMOTES. 


LOCAL1 
Where: 


LOCAL1 is a local directory entry defined in a Communi- 
cations Manager X.25 configuration file. This file con- 
tains the local directory entry that associates the local 
DTE address with a link. Only one directory name can 
be listed. 
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Table 4 (Page 3 of 3). Contents of Optional Files for TCP/IP for OS/2 


Name of File Contents of File Sample of File 

X25RTE route_name ROUTE1 
ROUTE2 
Where: 


ROUTE1 and ROUTE2 are routing table entry names 
defined in a Communications Manager X.25 configuration 
file. 

Multiple route names can be listed. 
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Appendix B. Sample SLIP.CMD File 


This appendix contains a sample SLIP.CMD file that illustrates the elements con- 
tained in a SLIP.CMD file. 


rem Set the Baud rate of the modems being used. 

set slip. bps=2400 

rem 

rem Set the Modem pause time (in seconds) for a comma. 
set slip.delay=2 

rem 

rem Set the dialing string for the modem. The phone number is 555-1234. 
rem set slip.dial=ATDT555,1234 

rem 

rem Execute the code that dials the modem. 

Slipcall -rd 
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Appendix C. Sample OS/2 TCP/IP Default Directory Structure 





This appendix outlines the default directory structure used when ICAT installs the 
TCP/IP for OS/2 product. 


TCPIP 
BIN (contains all executable modules) 
.exe 
eX 
.cmd 
-1CO 
*.SyS 
INCLUDE (contains all header files) 
ef 
ARPA 


+ + % 


IDL (contains ncs header files) 


NETINET 
* hi 
NET 
*h 
PROTOCOL 
*h 
RPC (contains rpc header files) 
be | 
SYS 
* Hh 
DPI (contains snmp header files) 
Bae 9 
KRB (contains kerberos header files) 
on 
HELP 
* -hIp 
LIB 
tcpip.lib (contains the tcpip library) 
tcpipmt.1ib 
tcpipd|l1.lib 
sunrpc. lib (contains the rpc library) 
rpcd|1.1ib 
nckmt.1ib 
krb.lib (contains kerberos libraries) 
dpi.lib (contains the snmp library) 
ftpapi.lib (contains the ftpapi library) 
ftpapimt. lib 
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ETC 


bootptab 
rpc 
protocol 
services 
pinghost. Ist 
mib2.tbl 
sendmail .cf 
sendmail .hf 
x25dir 
x25i1p 
x25rte 
x25samp.cfg 


SAMPLES 


X11 


DLL 


DOC 


NSTAT 
RN 
NAMED 
TRACERT 
DPI 
NCS 
RPC 
RPCGEN 
KRB 
SOCKET 
RCOPY 


misc (fonts) 
75dpi (fonts) 


*OLL 
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Appendix D. Management Information Base (MIB) Objects 


This appendix lists the objects for the following groups defined by the Management 
Information Base (MIB)-II. 


e System 

¢ Interfaces 

e Address Translation 

e Internet Protocol (IP) 

e Internet Control Message Protocol (ICMP) 

¢ Transmission Control Protocol (TCP) 

¢ User Datagram Protocol (UDP) 

e Exterior Gateway Protocol (EGP) 

¢ Simple Network Management Protocol (SNMP). 


The object types are defined using the following fields: 


Object A textual string (referred to as the OBJECT DESCRIPTOR) and the 
administratively assigned name (referred to as the Object 
Identifier). 

ASN.1 Notation The Abstract Syntax Notation which represents the object identi- 
fier. 

Syntax The data type of the MIB object. 

Definition A description of the MIB object. 

Access One of read-only, read-write, write-only, or not-accessible. 
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System 


System Group 


Table 5 (Page 1 of 2). 


Object and ASN.1 
Notation 


SYSTEM GROUP 
1.3.6.1.2.1.1 


sysDescr 
{ system 1} 
1.3.6.1.2.1.1.1.0 


sysObjectID 
{ system 2 } 
1.3.6.1.2.1.1.2.0 


sysUpTime 

{ system 3 } 
1.3.6.1.2.1.1.3.0 
sysContact 

{ system 4 } 
1.3.6.1.2.1.1.4.0 
sysName 

{ system 5 } 
1.3.6.1.2.1.1.5.0 
sysLocation 

{ system 6 } 
1.3.6.1.2.1.1.6.0 


Table 5 lists the objects in the system group. The system objects identify the type 
of system with a text description and the vendor-assigned object-id as an identifica- 
tion to the type of SNMP agent. 


Implementation of the System Group 


Syntax 


DisplayString 


Object Identifier 


TimeTicks 


DisplayString 


DisplayString 


DisplayString 


Definition 


A description of the entry. This value 
should include the full name and version 
identification of the system’s hardware 
type, software operating system, and net- 
working software. This description must 
only contain printable ASCII characters. 


The vendor’s authorization identification of 
the network management subsystem con- 
tained in the entry. This value is allocated 
within the Structure for Management Infor- 
mation (SMI) enterprise’s subtree 
(1.3.6.1.4.1) and provides an easy and 
clear means for determining what kind of 
box is being managed. For example, if 
vendor Stones, Inc. was assigned the 
subtree 1.3.6.1.4.1.42, it could assign the 
identifier 1.3.6.1.4.1.42.1.1 to the router 
Fred Router. 


The time (in hundredths of a second) since 
the network management portion of the 
system was last started. 


The textual identification of the contact 

person for this managed node, together 
with information on how to contact this 

person. 


An administratively-assigned name for 
this managed node. By convention, this is 
the node’s fully-qualified domain name. 


The physical location of this node (for 
example, telephone closet, 3rd floor). 
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Access 


read-only 


read-only 


read-only 


read-write 


read-write 


read-write 


a4 


System 


Table 5 (Page 2 of 2). Implementation of the System Group 


Object and ASN.1 Syntax Definition Access 
Notation 

sysServices Integer A value that indicates the set of services read-only 
{ system 7 } that this entity primarily offers. 


13.6.1.2.1.1.7.0 The value is asum. This sum initially 
takes the value zero, then, for each layer, 
L, in the range 1 through 7, for which this 
node performs transactions, 2 raised to 
(L - 1) is added to the sum. For example, 
a node which performs primarily routing 
functions would have a value of 4 
(2**(3-1)). In contrast, a node that is a host 
offering application services would have a 
value of 72 (2**(4-1) + 2**(7-1)). In the 
context of the Internet suite of protocols, 
values should be calculated accordingly: 


layer functionality 


1 physical (for example, repeaters) 

2 datalink/subnetwork (for example, 
bridges) 

3 internet (for example, IP 
gateways) 

4 end-to-end (for example, IP hosts) 

7 applications (for example, mail 
relays) 


For systems including OSI protocols, 
layers 5 and 6 may also be counted. 
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Interfaces 


Interfaces Group 


Table 6 on page 179 lists the objects in the interfaces group. The interfaces objects 
are a sei of entries for each network interface below the IP layer that can send ana 
receive datagrams. 
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Table 6 (Page 7 of 5) 


Object and ASN.1 
Notation 


INTERFACES GROUP 


1.3.6.1.2.1.2 
ifNumber 

{ interfaces 1} 
1.3.6.1.2.1.2.1. 
iffable 

{ interfaces 2 } 
TA:6 71 .2.122.2 
ifEntry 

{ iffable 1 } 
1.3.6.1.2.1.2.2.1 


Syntax 


Integer 


SEQUENCE of 
IfEntry 


ifEntry ::= 
SEQUENCE 


ifindex 
INTEGER, 
ifDescr 
DisplayString, 
ifType 
INTEGER, 
ifMtu 
INTEGER, 
ifSpeed 
Gauge, 
ifPhysAddress 
PhysAddress, 
ifAdminStatus 
INTEGER, 
ifOperStatus 
INTEGER, 
ifLastChange 
TimeTicks, 
ifinOctets 
Counter, 
iffnUcastPkts 
Counter, 
iffnNUcastPkts 
Counter, 
ifinDiscards 
Counter, 
iffnErrors 
Counter, 
iffnUnkownProtos 
Counter, 


. Implementation of the Interfaces Group 


Definition 


The number of network interfaces 
(regardless of their current state) present 
on this system. 


A list of interface entries. The number of 
entries is given by the value of ifNumber. 


An interface entry that contains objects at 
the subnetwork layer and below for a par- 
ticular interface. 


Interfaces 


Access 


read-only 


not-accessible 


not-accessible 


Appendix D. Management Information Base (MIB) Objects 179 
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Table 6 (Page 2 of 5). Implementation of the Interfaces Group 


Object and ASN.1 
Notation 


ifEntry (Cont.) 


ifindex 
{ ifEntry 1 } 
1.3.6.1.2.1.2.2.1.1. 


ifDescr 
{ ifEntry 2 } 
1.3.6.1.2.1.2.2.1.2. 


Syntax 


ifOutOctets 
Counter, 
ifOutUcastPkts 
Counter, 
ifOutNUcastPkts 
Counter, 
ifOutDiscards 
Counter, 
ifOutErrors 
Counter, 
ifOutQLen 
Gauge 
ifSpecific 
Object Identifier, 


Integer 


DisplayString 


Definition 


A unique value for each interface. Values 


range between 1 and the value of 


ifNumber. The value for each interface 
must remain constant for at least one start 
of the systems network management 


system to the next start. 


A text string containing information about 
the interface. This string should include 
the name of the manufacturer, the product 
name, and the version of the hardware 


interface. 
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Access 


read-only 


read-only 





—_, 


interfaces 


Table 6 (Page 3 of 5). Implementation of the Interfaces Group 


Object and ASN.1 Syntax Definition Access 
Notation 

iffype Integer The type of interface, distinguished read-only 
{ ifEntry 3 } other (1), according to the physical/link/network 


protocol(s) immediately below IP in the 


regular 1822 (2), 
g (2) protocol stack. 


hdh1822 (3), 
ddn-x25 (4), 
ricB77-x25 (5), 
ethernet-csmacd (6), 
iso88023-csmacd (7), 
iso88024-tokenBus (8), 
iso88025-tokenRing (9), 
iso88026-kman (10), 

starLan (11), 

proteon-10Mbit (12), 
proteon-80Mbit (13), 
hyperchannel (14), 

fddi (15), 

lapb (16), 

sdic (17), 

tl-carrier (18), 

cept (19), 

basicISDN (20), 

primaryISDN (21), 
propPointToPointSerial (22), 
terminalServer-asypcPort (23), 
softwareLoopback (24), 

eon (25), 

ethernet-3Mbit (26), 

nsip (27), 

slip (28) 

ultra (29), 

ds3 (30), 

sip (31), 

frame-relay (32), 


1:3,6:1.2.1.2.2.1.3. 


ifMtu Integer The size of the largest datagram that can read-only 
{ ifEntry 4} be sent or received on the interface, speci- 

fied in octets. For interfaces that are used 
1.3.6.1.2.1.2.2.1.4. for transmitting IP datagrams, this is the 

size of the largest IP datagram that can be 

sent on the interface. 


ifSpeed Gauge An estimate of the interface’s current read-only 
; bandwidth in bits per second. For inter- 
ifEntry 5 
{ y55 faces that do not vary in bandwidth or for 
1.3.6.1.2.1.2.2.1.5. those where no accurate estimate can be 
made, this object should contain the 
nominal bandwidth. 


ifPhysAddress PhysAddress The interface’s address at the protocol read-only 
{ ifEntry 6 } layer immediately below IP in the protocol 

stack. For interfaces that do not have such 
1.3.6.1.2.1.2.2.1.6. an address (for example, a serial line), 

this object should contain an octet string of 

length zero. 


Appendix D. Management Information Base (MIB) Objects 181 


Interfaces 


Table 6 (Page 4 of 5). Implementation of the Interfaces Group 


Object and ASN.1 
Notation 


ifAdminStatus 
{ ifEntry 7 } 
1.3.6.1.2.1.2.2.1.7. 


ifOperStatus 
{ ifEntry 8 } 
1.3.6.1.2.1.2.2.1.8. 


ifLastChange 
{ ifEntry 9 } 
1.3.6.1.2.1.2.2.1.9. 


ifinOctets 

{ ifEntry 10 } 
1.3.6.1.2.1.2.2.1.10. 
iffnUcastPkts 

{ ifEntry 11 } 
1.3.6.1.2.1.2.2.1.11. 
lflnNUcastPkts 

{ ifEntry 12 } 
1.3.6.1.2.1.2.2.1.12. 
iflnDiscards 

{ ifEntry 13 } 
1.3.6.1.2.1.2.2.1.13. 


iflnErrors 

{ ifEntry 14 } 
1.3.6.1.2.1.2.2.1.14. 
iftfnUnknownProtos 
{ ifEntry 15 } 
1.3.6.1.2.1.2.2.1.15. 
ifOutOctets 

{ ifEntry 16 } 
1.3.6.1.2.1.2.2.1.16. 
ifOutUcastPkts 

{ ifEntry 17 } 
1.3.6.1.2.1.2.2.1.17. 


Syntax 


Integer 


up (1), 
down (2), 
testing (3) 


INTEGER 


up (1), 
down (2), 
testing (3) 


TimeTicks 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Definition 


The desired state of the interface. The 
testing (3) state indicates that operational 
packets cannot be passed. 


The current operational state of the inter- 
face. The testing (3) state indicates that 
operational packets cannot be passed. 


The value of sysUpTime at the time the 
interface entered its current operational 
state. If the current state was entered 
before the last start-up of the local 
network management subsystem, then this 
object contains a value of zero. 


The total number of octets received on the 
interface, including framing characters. 


The number of subnetwork-unicast packets 
delivered to a higher-layer protocol. 


The number of non-unicast (for example, 
subnetwork-broadcast or 
subnetwork-multicast) packets delivered 
to a higher-layer protocol. 


The number of inbound packets that were 
chosen to be discarded even though 
errors had not been detected to prevent 
their delivery to a higher-layer protocol. 
One possible reason for discarding such a 
packet could be to free buffer space. 


The number of inbound packets that 
contain errors that prevent delivery toa 
higher-layer protocol. 


The number of packets received through 
the interface that were discarded because 
of an unknown or unsupported protocol. 


The total number of octets transmitted out 
of the interface, including framing charac- 
ters. 


The total number of packets that 
higher-level protocols requested be trans- 
mitted to a subnetwork-unicast address, 
including those that were discarded or not 
sent. 
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Access 


read-write 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


f™ 


Interfaces 
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Object and ASN.1 
Notation 


ifOutNUcastPkts 
{ ifEntry 18 } 


1.3.6.1.2.1.2.2.1.18. 


ifOutDiscards 
{ ifEntry 19 } 


1.3.6.1.2.1.2.2.1.19. 


ifOutErrors 


{ ifEntry 20 } 


1.3.6.1.2.1.2.2.1.20. 


ifOutQLen 
{ ifEntry 21 } 


1.3.6.1.2.1.2.2.1.21. 


ifSpecific 
{ ifEntry 22 } 


1.3.6.1.2.1.2.2.1.22. 


Syntax 


Counter 


Counter 


Counter 


Gauge 


Object identifier 


Definition Access 


The total number of packets that 
higher-level protocols request to be trans- 
mitted to a non-unicast (for example, a 
subnetwork-broadcast or 
subnetwork-multicast) address, including 
those that were discarded or not sent. 


read-only 


The number of outbound packets that were 
chosen to be discarded even though 
errors had not been detected to prevent 
their being transmitted. One reason for 
discarding such a packet could be to free 
buffer space. 


read-only 


The number of outbound packets that 
could not be transmitted because of 
errors. 


read-only 


The length of the output packet queue (in 
packets). 


read-only 


A reference to MIB definitions specific to 
the particular media being used to realize 
the interface. For example, if the interface 
is realized by an ethernet, then the value 
of this object refers to a document defining 
objects specific to ethernet. If this infor- 
mation is not present, its value should be 
set to the OBJECT IDENTIFIER ( 0 0 ), 
which is a syntactically valid object identi- 
fier, and any conformant implementation 
of ASN.1 and BER must be able to gen- 
erate and recognize this value. 


read-only 
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Address Translation 


Address Translation Group 


Table 7 lists the objects in the address translation group. The address translation 
group consists of one table, which shows the mapping between IP addresses and 


physical addresses. 


Table 7. Implementation of the Address Translation Group 


Definition 


Access 


Object and ASN.1 Notation 


The Address Translation tables 
contain the NetworkAddress to phys- 
ical address equivalences. Some 
interfaces do not use translation 
tables to determine address equiv- 
alences (for example, DDN-X.25 has 
an algorithmic method). If all inter- 
faces are of this type, then the 
Address Translation table is empty, it 
has zero entries. 


not-accessible 


AtEntry ::= SEQUENCE 


Each entry contains one 
NetworkAddress to the physical 
address equivalent. 


The interface on which this entry's 
equivalence is effective. The interface 
identified by a particular value of this 
index is the same interface that is 


not-accessible 


read-write 


identified by the same value of iflndex. 


Syntax 

ADDRESS TRANSLATION 

GROUP 

1.3.6.1.2.1.3 

atTable Sequence of AtEntry 

{ at 1} 

1.3.6.1.2.1.3.1 

atEntry 

{ atTable 1 } atifindex 
INTEGER 

1.3.6.1.2.1.3.1.1 

: atPhysAddress 
PhysAddress, 
atNetAddress 
NetworkAddress 

atlfindex Integer 

{ atEntry 1} 

1.3.6.1.2.1.3.1.1.1. 

atPhysAddress PhysAddress 

{ atEntry 2 } 

1:3:6:1.2. 1.371, 1-2. 

atNetAddress NetworkAddress 


{ atEntry 3 } 
1.3.6.1.2.1.3.1.1.3. 
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The media-dependent physical 
address. 


The NetworkAddress (for example, the 
IP address) corresponding to the 
media-dependent physical address. 


read-write 


read-write 


IP Group 


Table 8 (Page 7 of 7). Implementation of the IP Group 


Object and ASN.1 Notation 


IP GROUP 
1.3.6.1.2.1.4 


ipForwarding 


{ip 1} 
1.3.6.1.2.1.4.1. 


ipDefaultTTL 


{ ip 2 } 
1.3.6.1.2.1.4.2. 


ipInReceives 
{ip 3} 
1.3.6.1.2.1.4.3. 
ipinHdrErrors 
{ip 4} 
1.3.6.1.2.1.4.4. 


ip!nAddrErrors 


{ ip 5 } 
1.3.6.1.2.1.4.5. 


ipForwDatagrams 


{ip 6} 
1.3.6.1.2.1.4.6. 


iplnUnknownProtos 


{ip 7 } 
1.3.6.1.2.1.4.7. 


Syntax 


Integer 


gateway (1), 
-- entry forwards 
datagrams 
host (2) 
-- entry does NOT forward 
datagrams 


Integer 


Counter 


Counter 


Counter 


Counter 


Counter 


Definition 


Indicates if this entry is acting as an IP 
gateway for the forwarding of 
datagrams received by, but not 
addressed to, this entry. IP gateways 
forward datagrams; hosts do not, 
except those source-routed through 
the host. 


When a TTL value is not supplied by 
the transport layer protocol, the 
default value inserts into the 
time-to-live field of the IP header of 
datagrams that originate at this entry. 


The number of input datagrams 
received from interfaces, including 
those received in error. 


The number of input datagrams dis- 
carded because of errors in their IP 
headers. For example, bad 
checksums, mismatched version 
number, format errors, time-to-live 
exceeded, and processing errors in IP 
options. 


The number of input datagrams dis- 
carded because the IP address in their 
IP header’s destination field was not a 
valid address to be received at this 
entry. This count includes invalid 
addresses (for example, 0.0.0.0), 
addresses of unsupported classes (for 
example, Class E), and destination 
addresses that was not a local 
address (for example, IP gateways). 


The number of input datagrams for 
which this entry is not their final IP 
destination. As a result, an attempt is 
made to find a route to their final des- 
tination. For entries that do not act as 
IP gateways, this count includes only 
those packets that are source-routed 
successfully through this entry. 


The number of locally-addressed 
datagrams received successfully, but 
discarded because of an unknown or 
unsupported protocol. 


IP 


Table 8 lists the objects in the IP group. The IP objects are the statistics and 
gateway routing tables for the IP layer. 


Access 


read-write 


read-write 


read-only 


read-only 


read-only 


read-only 


read-only 
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IP 


Table 8 (Page 2 of 7). Implementation of the IP Group 
Object and ASN.1 Notation 


ipInDiscards 
{ip 8 } 
1.3.6.1.2.1.4.8. 


ipInDelivers 
{ip 9} 
1.3.6.1.2.1.4.9. 
ipOutRequests 
tip 10 } 
1.3.6.1.2.1.4.10. 


ipOutDiscards 


{ip 11 } 
1.3.6.1.2.1.4.11. 


ipOutNoRoutes 


Lip 12 } 
1.3.6.1.2.1.4.12. 


ipReasmTimeout 
{ip 13 j 
1.3.6.1.2.1.4.13. 
ipReasmReqds 
tip 14 } 
1.3.6.1.2.1.4.14. 
ipReasmOKs 
{ip 15 } 
1.3.6.1.2.1.4.15. 
ipReasmFails 
{ ip 16 } 
1.3.6.1.2.1.4.16. 


ipFragOKs 
{ip 17 } 
1.3.6.1.2.1.4.17. 
ipFragFails 

Lip 18 } 
1.3.6.1.2.1.4.18. 
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Syntax 


Counter 


Counter 


Counter 


Counter 


Counter 


Integer 


Counter 


Counter 


Counter 


Counter 


Counter 


Definition 


The number of input IP datagrams that 
are processed without problems, but 
are discarded. For example, for lack 
of buffer space. This count does not 
include any datagrams discarded 
while awaiting reassembly. 


The number of input datagrams suc- 
cessfully delivered to IP 
user-protocols including ICMP. 


The number of IP datagrams that are 
supplied to IP and ICMP in requests 
for transmission. This count does not 
include datagrams counted in 
ipForwDatagrams. 


The number of output IP datagrams 
that transmit without problems, but 
are discarded. For example, for lack 
of buffer space. This count includes 
datagrams in ipForwDatagrams that 
meet this discard criterion. 


The number of IP datagrams dis- 
carded because no route can transmit 
them to their destination. This count 
includes packets in ipForwDatagrams 
that meet this no-route criterion. 


The maximum number of seconds that 
received fragments are held while 
awaiting reassembly at this entry. 


The number of IP fragments that are 
received and need to be reassembled 
at this entry. 


The number of IP datagrams reassem- 
bled without problems. 


The number of failures detected by the 
IP reassembly algorithm. This is nota 
count of discarded IP fragments 
because some algorithms can lose 
track of the number of fragments by 
combining them as they are received. 


The number of IP datagrams that have 
fragmented at this entry without prob- 
lems. 


The number of IP datagrams that 
should have been fragmented at this 
entry, but were not because their 
Don’t Fragment flag was set. 





Access 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 
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Object and ASN.1 Notation 


ipFragCreates 

{ ip 19 } 
1.3.6.1.2.1.4.19. 
ipAddrTable 

{ ip 20 } 
1.3.6.1.2.1.4.20 
ipAddrEntry 

{ ipAddrTable 1 } 
1.3.6.1.2.1.4.20.1 


ipAdEntAddr 

{ ipAddrEntry 1 } 
1.3.6.1.2.1.4.20.1.1. 
ipAdEntlflndex 

{ ipAddrEntry 2 } 
1.3.6.1.2.1.4.20.1.2. 


ipAdEntNetMask 
{ ipAddrEntry 3 } 
1.3.6.1.2.1.4.20.1.3. 


ipAdEntBcastAddr 
{ ipAddrEntry 4 } 
1.3.6.1.2.1.4.20.1.4. 


ipAdEntReasmMaxSize 
{ ipAddrEntry 5 } 
1.3.6.1.2.1.4.20.1.5 
ipRoutingTable 

tip 2} 

1.3.6.1.2.1.4.21 


Syntax 


Counter 


SEQUENCE OF IpAddrEntry 


lpAddrEntry ::= 
SEQUENCE 
ipAdEntAddr 
lpAddress, 
ipAdEntlflndex 
INTEGER, 
ipAdEntNetMask 
lpAddress, 
ipAdEntBeastAddr 
INTEGER 
ipAdEntReasmMaxSize 
INTEGER (0..65535) 


lpAddress 


Integer 


lpAddress 


Integer 


Integer (0..65535) 


SEQUENCE OF 
lpRouteEntry 


Definition 


The number of IP datagram fragments 
that have been generated, because of 
fragmentation at this entry. 


A table that contains addressing infor- 
mation relevant to this entry’s IP 
addresses. 


The addressing information for one of 
this entry's IP addresses. 


The IP address pertaining to this 
entry’s addressing information. 


The index value that uniquely identi- 
fies the interface to which this entry is 
applicable. The interface identified by 
a particular value of this index is the 
same interface that is identified by the 
same value of iflndex. 


The subnet mask associated with the 
IP address of this entry. The value of 
the mask is an IP address with all the 
network bits set to 1 and all the hosts 
bits set to 0. 


The value of the least-significant bit in 
the IP broadcast address used for 
sending datagrams on the (logical) 
interface associated with the IP 
address of this entry. For example, 
when the internet standard all-ones 
broadcast address is used, the value 
is 1. 


The size of the largest IP datagram 
which this entity can reassemble from 
incoming IP fragmented datagrams 
received on this interface. 


This entry’s IP routing table. 


Access 


read-only 


not-accessible 


not-accessible 


read-only 


read-only 


read-only 


read-only 


read-only 


not-accessible 
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IP 


Table 8 (Page 4 of 7). Implementation of the [P Group 


Object and ASN.1 Notation 


ipRouteEntry 
{ ipRoutingTable 1 } 
1.3.6.1.2.1.4.21.1 


ipRouteDest 
{ ipRouteEntry 1 } 
1.3.6.1.2.1.4.21.1.1. 


ipRoutelflndex 
{ ipRouteEntry 2 } 
1.3.6.1.2.1.4.21.1.2. 


ipRouteMetrict 
{ ipRouteEntry 3 } 
1.3.6.1.2.1.4.21.1.3. 


ipRouteMetric2 
{ ipRouteEntry 4 } 
1.3.6.1.2.1.4.21.1.4. 


Syntax 


IlpRouteEntry ::= 
SEQUENCE 


ipRouteDest 
lpAddress, 
ipRoutelfindex 
INTEGER, 
ipRouteMetrict 
INTEGER, 
ipRouteMetric2 
INTEGER, 
ipRouteMetric3 
INTEGER, 
ipRouteMetric4 
INTEGER, 
ipRouteNextHop 
lpAddress, 
ipRouteType 
INTEGER, 
ipRouteProto 
INTEGER, 
ipRouteAge 
INTEGER 
ipRouteMask 
lpAddress 
ipRouteMetric5 
Integer 
ipRoutelnfo 
Objectidentifier 


lpAddress 


Integer 


Integer 


Integer 
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Definition 


A route to a particular destination. 


The destination IP address of this 
route. An entry with a value of 0.0.0.0 
is considered a default route. Multiple 
default routes can appear in the table, 
but access to these multiple entries is 
dependent on the table-access mech- 
anisms defined by the network man- 
agement protocol in use. 


The index value that uniquely identi- 
fies the local interface through which 
the next hop of this route should be 
reached. The interface identified by a 
particular value of this index is the 
same interface that is identified by the 
same value of iflndex. 


The primary routing metric for this 
route. The semantics of this metric 
are determined by the routing protocol 
specified in the route’s ipRouteProto 
value. If this metric is not used, its 
value should be set to -1. 


An alternative routing metric for this 
route. The semantics of this metric 
are determined by the 
routing-protocol specified in the 
route’s ipRouteProto value. If this 
metric is not used, its value should be 
set to -1. 


Access 


read-write 


read-write 


read-write 


read-write 


Table 8 (Page 5 of 7). Implementation of the IP Group 


Object and ASN.1 Notation 


ipRouteMetric3 
{ ipRouteEntry 5 } 


1.3.6.1.2.1.4.21.1.5. 


ipRouteMetric4 
{ ipRouteEntry 6 } 


1.3.6.1.2.1.4.21.1.6. 


ipRouteNextHop 
{ ipRouteEntry 7 } 


1.3.6.1.2.1.4.21.1.7. 


ipRouteType 
{ ipRouteEntry 8 } 


1.3.6.1.2.1.4.21.1.8. 


ipRouteProto 


{ ipRouteEntry 9 } 


1.3.6.1.2.1.4.21.1.9. 


ipRouteAge 


{ ipRouteEntry 10 } 
1.3.6.1.2.1.4.21.1.10. 


Syntax 


Integer 


Integer 


lpAddress 


Integer 


other (1), 
invalid (2), 
direct (3), 
remote (4) 


Integer 


other (1), 
local (2), 
netmgmt (3), 
icmp (4), 

egp (5), 

ggp (6), 

hello (7), 

rip (8), 

is-is (9), 

es-is (10), 
ciscolgrp (11), 
bbnSpfigp (12), 
ospf (13) 


Integer 


Definition 


An alternative routing metric for this 
route. The semantics of this metric 
are determined by the routing protocol 
specified in the route’s ipRouteProto 
value. If this metric is not used, its 
value should be set to -1. 


An alternative routing metric for this 
route. The semantics of this metric 
are determined by the 
routing-protocol specified in the 
route’s ipRouteProto value. If this 
metric is not used, its value should be 
set to -1. 


The IP address of the next hop of this 
route. 


The type of route. 


The routing mechanism by which this 
route was learned. Inclusion of values 
for gateway routing protocols is not 
intended to imply that hosts should 
support those protocols. 


The number of seconds since this 
route was last updated or otherwise 
determined to be correct. Note 
semantics of too o/d cannot be 
implied, except through knowledge of 
the routing protocol by which the route 
was learned. 


Access 


read-write 


read-write 


read-write 


read-write 


read-only 


read-write 
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Table 8 (Page 6 of 7). Implementation of the IP Group 
Object and ASN.1 Notation Syntax 

ipRouteMask lpAddress 

{ ipRouteEntry 11 } 

1.3.6.1.2.1.4.21.1.11. 


ipRouteMetric5 Integer 
{ ipRouteEntry 12 } 
1.3.6.1.2.1.4.21.1.12. 


ipRoutelnfo Object Identifier 
{ ipRouteEntry 13 } 
1.3.6.1.2.1.4.21.1.13. 


IP Address Translation Table 


1.3.6.1.2.1.4.22 
ipNetToMediaTable SEQUENCE OF 
{ ip 22 } lpNetToMediaEntry 


1.3.6.1.2.1.4.22.1 
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Definition 


Indicate the mask to be logical-ANDed 
with the destination address before 
being compared to the value in the 
ipRouteDest field. For those systems 
that do not support arbitrary subnet 
masks, an agent constructs the value 
of the ipRouteMask by determining 
whether the value of the corre- 
spondent ipRouteDest field belong to a 
class-A, B, or C network, and then 
using one of: 


mask network 
255.0.0.0 Class-A 
255.255.0.0 Class-B 


255.255.255.0 Class-A 


If the value of the ipRouteDest is 
0.0.0.0 (default route), then the mask 
value is also 0.0.0.0. All IP routing 
subsystems implicitly use this mech- 
anism. 


An alternate routing metric for this 
route. The semantics of this metric 
are determined by the 
routing-protocol specified in the 
route’s ipRouteProto value. If this 
metric is not used, its value should be 
set to -1. 


A reference to MIB definitions specific 
to the particular routing protocol 
which is responsible for this route, as 
determined by the value specified in 
the route’s ipRouteProto value. If this 
information is not present, its value 
should be set to the OBJECT IDENTI- 
FIER (00 ), which is a syntactically 
valid object identifier, and any 
conformant implementation of ASN.1 
and BER must be able to generate and 
recognize this value. 


The IP address translation table con- 
tains the ipAddress to physical 
address equivalences. Some inter- 
faces do not use translation tables for 
determining address equivalences (for 
example, DDN-X.25 has an algorithmic 
method); if all interfaces are of this 
type, then the Address Translation 
Table is empty, that is, has zero 
entries. 


The IP Address Translation table used 
for mapping from IP addresses to 
physical addresses. 


Access 


read-write 


read-write 


read-only 


not-accessible 


not-accessible 





_ 


Table 8 (Page 7 of 7). Implementation of the IP Group 
Object and ASN.1 Notation Syntax 


ipNetToMediaEntry 
INTEGER, 


ipNetToMedialfindex 


Definition 


Each entry contains one ipAddress to 
physical address equivalence. 


ipNetloMediaPhysAddress 


PhysAddress, 


ipNetloMediaNetAddress 


lpAddress, 
ipNetloMediaType 
INTEGER 


ipNetToMedialflndex 
{ ipNetToMediaEntry 1 } 
1.3.6.1.2.1.4.22.71.1 


Integer 


ipNetloMediaPhysAddress 
{ ipNetToMediaEntry 2 } 
1.3.6.1.2.1.4.22.1.2 


Octet string 


ipNetToMediaNetAddress ipAddress 
{ ipNetToMediaEntry 3 } 

1.3.6.1.2.1.4.22.1.3 

ipNetloMediaType Integer 


{ ipNetToMediaEntry 4 } 
1.3.6.1.2.1.4.22.1.4 


The interface on which this entry’s 
equivalence is effective. The interface 
identified by a particular value of this 
Index is the same intertace as identi- 
fied by the same value of iflndex. 


The media-dependent physical 
address. 


The IpAddress corresponding to the 
media-dependent ‘physical’ address. 


The type of mapping. 


Setting this object to the value 
invalid(2) has the effect of invalidating 
the corresponding entry in the 
ipNetToMediaTable. That is, it effec- 
tively disassociates the interface iden- 
tified with said entry from the mapping 
identified with said entry. It is an 
implementation-specific matter as to 
whether the agent removes an invali- 
dated entry from the table. Accord- 
ingly, management stations must be 
prepared to receive tabular informa- 
tion from agents that corresponds to 
entries not currently in use. Proper 
interpretation of such entries requires 
examination of the relevant 
ipNetloMediaType object. 
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Access 


not-accessible 


read-write 


read-write 


read-write 


read-write 
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ICMP 


ICMP Group 


Table 9 (Page 7 of 3). Implementation of the ICMP Group 


Object and ASN.1 Notation 


ICMP GROUP 
1.3.6.1.2.1.5 


icmpInMsgs 
{icmp 1 } 
1.3.6.1.2.1.5.1.0 
icmpInErrors 

{ icmp 2 } 
1.3.6.1.2.1.5.2.0 
icmpInDestUnreachs 
{icmp 3 } 
1.3.6.1.2.1.5.3.0 
icmpInTimeExcds 
{ icmp 4 } 
1.3.6.1.2.1.5.4.0 
icmpiInParmProbs 
{ icmp 5 } 
1.3.6.1.2.1.5.5.0 
icmpInSrcQuenchs 
{ icmp 6 } 
1.3.6.1.2.1.5.6.0 
icmpinRedirects 

{ icmp 7 } 
1.3.6.1.2.1.5.7.0 
icmpInEchos 

{ icmp 8 } 
1.3.6.1.2.1.5.8.0 
icmpiInEchoReps 

{ icmp 9 } 
1.3.6.1.2.1.5.9.0 
icmpInTimestamps 
{ icmp 10 } 
1.3.6.1.2.1.5.10.0 


icmpinTimestampReps 


{ icmp 11 } 
1:3.6.1.2:1,5.11.0 


Syntax 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Definition 


The number of ICMP messages that the entity 
received. This counter includes all those 
counted by icmpinErrors. 


The number of ICMP messages that the entity 
received. and determines ICMP specific 
errors (bad ICMP checksums, bad length). 


The number of ICMP destination Unreachable 
messages received. 


The number of ICMP Time Exceeded mes- 
sages received. 


The number of ICMP Parameter Problem mes- 
sages received. 


The number of ICMP Source Quench mes- 
sages received. 


The number of ICMP Redirect messages 
received. 


The number of ICMP Echo (request) mes- 
sages received. 


The number of ICMP Echo Reply messages 
received. 


The number of ICMP Timestamp (request) 
messages received. 


The number of ICMP Timestamp Reply mes- 
sages received. 
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Table 9 lists the objects in the ICMP group. The ICMP objects are the input and 
output error and control message statistics for the IP layer. 


Access 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


— 


Table 9 (Page 2 of 3). Implementation of the ICMP Group 


Object and ASN.1 Notation 


icmpInAddrMasks 
{ icmp 12 } 
1.3.6.1.2.1.5.12.0 
icmpInAddrMaskReps 
{ icmp 13 } 
1.3.6.1.2.1.5.13.0 
icmpOutMsgs 

{ icmp 14 } 
1.3.6.1.2.1.5.14.0 
icmpOutErrors 

{ icmp 15 } 
1.3.6.1.2.1.5.15.0 


icmpOutDestUnreachs 
{ icmp 16 } 
1.3.6.1.2.1.5.16.0 
icmpOutTimeExcds 
{ icmp 17 } 
1.3.6.1.2.1.5.17.0 
icmpOutParmProbs 
{ icmp 18 } 
1.3.6.1.2.1.5.18.0 
icmpOutSrcQuenches 
{ icmp 19 } 
1.3.6.1.2.1.5.19.0 
icmpOutRedirects 
{icmp 20 } 
1.3.6.1.2.1.5.20.0 
icmpOutEchos 
{icmp 21 } 
1.3.6.1.2.1.5.21.0 
icmpOutEchoReps 
{icmp 22 } 
1.3.6.1.2.1.5.22.0 
icmpOutTimestamps 
{ icmp 23 } 
1.3.6.1.2.1.5.23.0 


Syntax 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Definition 


The number of ICMP Address Mask Request 
messages received. 


The number of }CMP Address Mask Reply 
messages received. 


The number of ICMP messages sent. This 
counter includes icmpOutErrors. 


The number of ICMP messages that this entity 
did not send because of problems within 
ICMP. For example, no buffers. This value 
should not include errors outside the ICMP 
layer. For example, the inability of IP to route 
the resulting datagram. In some implementa- 
tions, there may not be error types that con- 
tribute to the counter’s value. 


The number of ICMP Destination Unreachable 
messages sent. 


The number of ICMP Time Exceeded mes- 
sages sent. 


The number of ICMP Parameter Problem mes- 
sages sent. 


The number of ICMP Source Quench mes- 
sages sent. 


The number of !CMP Redirect messages sent. 
For a host, this object is always zero, hosts do 
not send redirects. 


The number of ICMP Echo (request) mes- 
sages sent. 


The number of ICMP Echo Reply messages 
sent. : 


The number of ICMP Timestamp (request) 
messages sent. 


ICMP 


Access 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 
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ICMP 


Table 9 (Page 3 of 3). Implementation of the ICMP Group 


Object and ASN.1 Notation Syntax 
icmpOutTimestampReps Counter 
{ icmp 24 } 

1.3.6.1.2.1.5.24.0 

icmpOutAddrMasks Counter 
{icmp 25 } 


1.3.6.1.2.1.5.25.0 

icmpOutAddrMasksReps Counter 
{ icmp 26 } 

1.3.6.1.2.1.5.26.0 


Definition 


The number of ICMP Timestamp Reply mes- 
sages sent. 


The number of ICMP Address Mask Request 
messages sent. 


The number of ICMP Address Mask Reply 
messages sent. 
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Access 


read-only 


read-only 


read-only 


f— % 


TCP Group 


TCP 


Table 10 lists the objects in the TCP group. The TCP objects are the data trans- 
mission statistics and connection data for the TCP layer. 


Note: Objects that represent information about a particular TCP connection are 
transient; the objects exist only as long as the specified connection is in use. 


Table 10 (Page 7 of 3). Implementation of the TCP Group 


Object and ASN.1 Notation Syntax Definition Access 


TCP GROUP 
1.3.6.1.2.1.6 


tcpRtoAlgorithm 
{ tep 1} 
1.3.6.1.2.1.6.1. 


tcpRtoMin 


{ tcp 2 } 
1.3.6.1.2.1.6.2. 


tcpRtoMax 


{ tcp 3} 
1.3.6.1.2.1.6.3. 


tcpMaxConn 


{ tcp 4 } 
1.3.6.1.2.1.6.4. 


tcpActiveOpens 

{ tcp 5 } 
1.3.6.1.2.1.6.5. 
tcpPassiveOpens 


{ tcp 6 } 
1.3.6.1.2.1.6.6. 


Integer The algorithm used to determine the read-only 
time-out value used for retransmitting 
other (1) 
; unacknowledged octets. 
-- none of the following 


constant (2) 
-- a contant rto 
rsre (3) 
--MIL-STD-1778 
vanj (4) 
-- Van Jacobson’s algorithm 


Integer The minimum value allowed by a TCP read-only 
implementation for the retransmission 
time-out, measured in milliseconds. 
More refined semantics for objects of 
this type depend upon the algorithm 
used to determine the retransmission 
time-out. For example, when the 
time-out algorithm is rsre (3), an 
object of this type has the semantics 
of the LBOUND quantity described in 
RFC 793. 


Integer The maximum value allowed by a TCP read-only 
implementation for the retransmission 
time-out, measured in milliseconds. 
More refined semantics for objects of 
this type depend upon the algorithm 
used to determine the retransmission 
time-out. For exampie, when the 
time-out algorithm is rsre (3), an 
object of this type has the semantics 
of the UBOUND quantity described in 
RFC 793. 


Integer The limit on the number of TCP con- read-only 
nections the entry can support. In 
entities where the maximum number 
of connections is dynamic, this object 
should be -1. 


Counter The number of times TCP connections read-only 
have made a direct transition to the 
SYN-SENT state from the CLOSED 
state. 





Counter The number of times TCP connections read-only 
have made a direct transition to the 
SYN-RCVD state from the LISTEN 
State. 
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TCP 


Table 10 (Page 2 of. 3). Implementation of the TCP Group 


Object and ASN.1 Notation 


tcpAttemptFails 
{tcp 7 } 
1.3.6.1.2.1.6.7. 


tcpEstabResets 


{tcp 8 } 
1.3.6.1.2.1.6.8. 


tcpCurrEstab 

{ tcp 9 } 
1.3.6.1.2.1.6.9. 
tcpinSegs 

{ tcp 10 } 
1.3.6.1.2.1.6.10. 


tcpOutSegs 


{tcp 11} 
1.3.6.1.2.1.6.11. 


tcpRetransSegs 
{tcp 12 } 
1.3.6.1.2.1.6.12. 
tcpConntable 

{ tcp 13 } 
1.3.6.1.2.1.6.13 
tcpConnEntry 

{ tcpConnTable 1 } 
1.3.6.1.2.1.6.13.1 


Syntax 


Counter 


Counter 


Gauge 


Counter 


Counter 


Counter 


SEQUENCE OF 
TcpConnEntry 


TcpConneEntry :: 
= SEQUENCE 
tcpConnState 
INTEGER, 
tcpConnLocalAddress 
lpAddress, 
tcpConnLocalPort 
INTEGER 
(0..65535), 
tcpConnRemAddress 
ipAddress, 
tcpConnRemPort 
INTEGER (0..65535) 
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Definition 


The number of times TCP connections 
have made a direct transition to the 
CLOSED state from either the 
SYN-SENT state or the SYN-RCVD 
state, plus the number of times TCP 
connections have made a direct tran- 
sition to the LISTEN state from the 
SYN-RCVD state. 


The number of times TCP connections 
have made a direct transition to the 
CLOSED state from either the ESTAB- 
LISHED or CLOSE-WAIT. 


The number of TCP connections of the 
current state that are either ESTAB- 
LISHED or CLOSE-WAIT. 


The total number of segments 
including those received in error. 

This count includes segments 
received on currently established con- 
nections. 


The total number of segments sent 
including those on currently estab- 
lished connections, but excluding 
those containing only retransmitted 
octets. 


The total number of segments retrans- 
mitted that contain one or more previ- 
ously transmitted octets. 


A table that contains TCP 
connnection-specific information 


Information about a certain current 
TCP connection. An object of this type 
is transient. It does not exist when (or 
soon after) the connection makes the 
transition to the CLOSED state. 


Access 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


not-accessible 


not-accessible 


N 


fr 


A 


Table 10 (Page 3 of 3). Implementation of the TCP Group 


Object and ASN.1 Notation Syntax Definition 
tcpConnState Integer The TCP connection status. 
closed(1) 
tcpConnEntry 1 
IePEOnnE Rts) listen(2), 
1.3.6.1.2.1.6.13.1.1. synSent(3), 


tcpConnLocalAddress 
{ tcpConnEntry 2 } 
1.3.6.1.2.1.6.13.1.2. 


tcpConnLocalPort 
{ tcpConnEntry 3 } 
1.3.6.1.2.1.6.13.1.3. 
tcpoConnRemAddress 
{ tcpConnEntry 4 } 
1.3.6.1.2.1.6.13.1.4. 
tcoConnRemPort 

{ tepConnEntry 5 } 
1.3.6.1.2.1.6.13.1.5. 
tcpInErrs 

{ tcp 14 } 
1.3.6.1.2.1.6.14.0 
tcpOutRsts 

{ tcp 15 } 
1.3.6.1.2.1.6.15.0 


(0.65535) 


(0..65535) 


synReceived(4), 
established(5), 
finWait1(6), 
finWait2(7), 
closeWait(8), 
lastAck(9), 
closing(10), 
timeWait(11) 
deleteTCB(12) 


lpAddress The local IP address for this TCP con- 


nection. In the case of a connection in 
the listen state which is willing to 
accept connections for any IP inter- 
face associated with the node, the 
value 0.0.0.0 is used. 


Integer The local port number of this TCP con- 
nection. 

lpAddress The remote IP address of this TCP 
connection. 

Integer The remote port number of this TCP 
connection. 

Counter The total number of segments 


received in error (for example, bad 
TCP checksums). 


Counter The number of TCP segments sent. 


containing the RST flag. 


TCP 


Access 


read-write 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 
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UDP 


UDP Group 


Table 11. Implementation of the UDP Group 


Object and ASN.1 
Notation 


UDP GROUP 
1.3.6.1.2.1.7 


udpInDatagrams 
{ udp 1 } 
1.3.6.1.2.1.7.1.0 
udpNoPorts 

{ udp 2 } 
1.3.6.1.2.1.7.2.0 
udpInErrors 

{ udp 3 } 
-1.3.6.1.2.1.7.3.0 
udpOutDatagrams 
{ udp 4 } 
1.3.6.1.2.1.7.4.0 


UDP Listener Table 
1.3.6.1.2.1.7.5 


udpTable 
1.3.6.1.2.1.7.5.1 


udpEntry 


udpLocalAddress 
1.3.6.1.2.1.7.5.1.1 


udpLocalPort 
1.3.6.1.2.1.7.5.1.2 


Syntax Definition 


Counter The number of UDP datagrams delivered 
to UDP users. 


Counter The number of UDP datagrams received 
where there was no application at the des- 
tination port. 


Counter The number of UDP datagrams received 
that could not be delivered for reasons 
other than the lack of an application at the 
destination port. 


Counter The number of UDP datagrams sent from 
this entry. 


The UDP listener table contains informa- 
tion about this entity's UDP end-points on 
which a local application is currently 
accepting datagrams. 


SEQUENCE OF A table containing UDP listener informa- 
UdpEntry tion. 
udpEntry ::= Information about a particular current UDP 
SEQUENCE listener. 
udpLocalAddress 
lpAddress, 


udpLocalPort 
INTEGER (0..65535) 


lpAddress The local IP address for this listener. In 
the case of a UDP listener that can accept 
datagrams for any IP interface associated 
with the node, the value 0.0.0.0 is used. 


Integer The local port number for this UDP lis- 
tener. 
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Table 11 lists the objects in the UDP group. The UDP objects are the datagram sta- 
tistics of the UDP layer. 


Access 


read-only 


read-only 


read-only 


read-only 


not-accessible 


not-accessible 


not-accessible 


read-only 


read-only 


EGP Group 
Table 12 lists the objects in the EGP group. 


Table 12 (Page 71 of 3). Implementation of the EGP Group 


Object and ASN.1 Syntax Definition 

Notation 

EGP GROUP 

1.3.6.1.2.1.8 

egpIinMsgs Counter The number of EGP messages received 
1.3.6.1.2.1.8.1.0 without error. 

egpInErrors Counter The number of EGP messages received 
1.3.6.1.2.1.8.2.0 that proved to be in error. 

egpOutMsgs Counter The total number of locally generated EGP 
1.3.6.1.2.1.8.3.0 messages. 

egpOutErrors Counter The number of locally generated EGP 
1.3.6.1.2.1.8.4.0 messages not sent because of resource 


egpNeighTable 
1.3.6.1.2.1.8.5 


SEQUENCE OF 
EgpNeighEntry 


limitations within an EGP entity. 


Information about this entity's relationship 
with a particular EGP neighbor. 


egpNeighEntry 
1.3.6.1.2.1.8.5.1 


EgpNeighEntry ::= 
SEQUENCE 


egpNeighState 
INTEGER, 
egpNeighAddr 
lpAddress, 
egpNeighAs 
INTEGER, 
egpNeighinMsgs 
Counter, 
egpNeighinErrs 
Counter, 
egpNeighOutMsgs 
Counter, 
egpNeighOutErrs 
Counter, 
egpNeighInErrMsgs 
Counter, 
egpNeighOutErrMsgs 
Counter, 
egpNeighStateUps 
Counter, 
egpNeighStateDowns 
Counter, 
egpNeighintervalHello 
INTEGER, 
egpNeighintervalPoll 
INTEGER, 
egpNeighMode 
INTEGER, 
egpNeighEventT rigger 
INTEGER 


Information about this entity's relationship 
with a particular EGP neighbor. 


EGP 


Access 


read-only 


read-only 


read-only 


read-only 


not-accessible 


not-accessible 
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EGP 


Table 12 (Page 2 of 3). Implementation of the EGP Group 


Object and ASN.1 
Notation 


egpNeighState 
{ egpNeighEntry 1 } 
1.3.6.1.2.1.8.5.1.1 


egpNeighAddr 

{ egpNeighEntry 2 } 
1.3.6.1.2.1.8.5.1.2 
egpNeighAs 

{ egpNeighEntry 3 } 
1.3.6.1.2.1.8.5.1.3 
egpNeighInMsgs 

{ egpNeighEntry 4 } 
1.3.6.1.2.1.8.5.1.4 
egpNeighinErrs 

{ egpNeighEntry 5 } 
1.3.6.1.2.1.8.5.1.5 
egpNeighOutMsgs 
{ egpNeighEntry 6 } 
1.3.6.1.2.1.8.5.1.6 
egpNeighOutErrs 

{ egpNeighEntry 7 } 
1.3.6.1.2.1.8.5.1.7 
egpNeighInErrMsgs 
{ egpNeighEntry 8 } 
1.3.6.1.2.1.8.5.1.8 


egpNeighOutErrMsgs 


{ egpNeighEntry 9 } 
1.3.6.1.2.1.8.5.1.9 
egpNeighStateUps 

{ egpNeighEntry 10 } 
1.3.6.1.2.1.8.5.1.10 


egpNeighStateDowns 
{ egpNeighEntry 11 } 


1.3.6.1.2.1.8.5.1.11 


egpNeighIntervalHello 


{ egpNeighEntry 12 } 
1.3.6.1.2.1.8.5.1.12 


Syntax 


Integer 


lpAddress 


Integer 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Integer 


Definition 


the EGP state of the local system with 
respect to this entry’s EGP neighbor. Each 
EGP state is represented by a value that is 
one greater than the numerical value 
associated with said state in RFC 904. 


The IP address of this entry’s EGP 
neighbor. 


The autonomous system of this EGP peer. 
Zero should be specified if the auton- 
omous system number of the neighbor is 
not yet known. 


The number of EGP messages received 
without error from this EGP peer. 


The number of EGP messages received 
from this EGP peer that proved to be in 
error (for example, bad EGP checksum). 


The number of locally generated EGP 
messages to this EGP peer. 


The number of locally generated EGP 
messages not sent to this EGP peer 
because of resource limitations within an 
EGP entity. 


The number of EGP-defined error mes- 
sages received from this EGP peer. 


The number of EGP-defined error mes- 
sages sent to this EGP peer. 


The number of EGP state transitions to the 
UP state with this EGP peer. 


The number of EGP state transitions from 
the UP state to any other state with this 
EGP peer. 


The interval between EGP HELLO 
command retransmissions (in hundredths 
of a second). This represents the t1 timer 
as defined in RFC 904. 
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Access 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


= 


Table 12 (Page 3 of 3). Implementation of the EGP Group 


Object and ASN.1 Syntax 
Notation 
egpNeighintervaiPoll Integer 


{ egpNeighEntry 13 } 
1.3.6.1.2.1.8.5.1.13 
egpNeighMode Integer 
{ egpNeighEntry 14 } 
1.3.6.1.2.1.8.5.1.14 
egpNeighEventTrigger Integer 
{ egpNeighEniry 15 } 
1.3.6.1.2.1.8.5.1.15 


egpAs Integer 
1.3.6.1.2.1.8.6 


Definition 


The interval between EGP POLL command 
retransmissions (in hundredths of a 
second). This represents the t3 timer as 
defined in RFC 904. 


The polling mode of this EGP entity, either 
passive or active. 


A control variable used to trigger 
operator-initiated Start and Stop events. 
When read, this variable always returns 
the most recent value to which 
egpNeighEventTrigger was set. If it has 
not been set since the last initialization of 
the network management subsystem on 
the node, it returns a value of ‘stop’. 


When set, this variable causes a Start or 
Stop event on the specified neighbor, as 
specified in RFC 904. A Start event causes 
an Idle peer to begin neighbor acquisition 
and a non-ldle peer to reinitiate neighbor 
acquisition. A Stop event causes an 
non-ldle peer to return to the Idle state 
until a Start event occurs, either by 
egpNeighEventTrigger or otherwise. 


The autonomous system number of this 
EGP entity. 


EGP 


Access 


read-only 


read-only 


read-write 


read-only 
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SNMP 


SNMP GROUP 


Table 13 lists the objects in the SNMP group. 


Table 13 (Page 71 of 3). Implementation of the SNMP Group 


Object and ASN.1 Notation 


SNMP GROUP 
1.3.6.1.2.1.11 


snmpIinPkts 

{snmp 1 } 
1.3.6.1.2.1.11.1.0 
snmpOutPkts 
{snmp 2 } 
1.3.6.1.2.1.11.2.0 
snmpInBadVersions 
{snmp 3 } 
1.3.6.1.2.1.11.3.0 
snmpiInBadCommunityNames 
{ snmp 4 } 
1.3.6.1.2.1.11.4.0 


snmpInBadCommunityUses 
{snmp 5 } 
1.3.6.1.2.1.11.5.0 


snmpInASNParseErrs 
{ snmp 6 } 
1.3.6.1.2.1.11.6.0 
snmpinTooBigs 

{ snmp 8 } 
1.3.6.1.2.1.11.8.0 


snmpiInNoSuchNames 
{snmp 9 } 
1.3.6.1.2.1.11.9.0 


snmpinBadValues 
{snmp 10 } 
1.3.6.1.2.1.11.10.0 


Syntax 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Definition 


The total number of Messages 
delivered to the SNMP entity from 
the transport service. 


The total number of SNMP Mes- 
sages that were passed from the 
SNMP protocol entity to the trans- 
port service. 


The total number of SNMP Mes- 
sages that were delivered to the 
SNMP protocol entity and were for 
an unsupported SNMP version. 


The total number of SNMP Mes- 
Sages delivered to the SNMP pro- 
tocol entity that used a SNMP 
community name not known to 
said entity. 


The total number of SNMP Mes- 
sages delivered to the SNMP pro- 
tocol entity that represented an 
SNMP operation that was not 
allowed by the SNMP community 
named in the Message. 


The total number of ASN.1 or BER 
errors encountered by the SNMP 
protocol entity when decoding 
received SNMP Messages. 


The total number of SNMP PDUs 
that were delivered to the SNMP 
protocol entity and for which the 
value of the error-status field is 
‘tooBig’. 

The total number of SNMP PDUs 
which were delivered to the SNMP 
protocol entity and for which the 


value of the error-status field is 
‘noSuchName’. 


The total number of SNMP PDUs 
that were delivered to the SNMP 
protocol entity and for which the 
value of the error-status field is 
‘padValue’. 


202 = IBMTCP/IP Version 1.2 for OS/2: Installation and Maintenance 





Access 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


Table 13 (Page 2 of 3). Implementation of the SNMP Group 


Object and ASN.1 Notation 


snmpInReadOnlys 
{snmp 11 } 
1.3.6.1.2.1.11.11.0 


snmpinGeneErrs 
{snmp 12 } 
1.3.6.1.2.1.11.12.0 


snmpinTotalReqVars 
{snmp 13 } 
1.3.6.1.2.1.11.13.0 


snmplinTotalSetVars 
{ snmp 14 } 
1.3.6.1.2.1.11.14.0 


snmpInGetRequests 
{snmp 15 } 
1.3.6.1.2.1.11.15.0 
snmpinGetNexts 
{snmp 16 } 
1.3.6.1.2.1.11.16.0 
snmpInGetSetRequests 
{snmp 17 } 
1.3.6.1.2.1.11.17.0 
snmpInGetResponses 
{snmp 18 } 
1.3.6.1.2.1.11.18.0 
snmpinTraps 

{snmp 19 } 
1.3.6.1.2.1.11.19.0 
snmpOutTooBigs 

{ snmp 20 } 
1.3.6.1.2.1.11.20.0 


Syntax 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Definition 


The total number of valid SNMP 
PDUs that were delivered to the 
SNMP protocol entity and for 
which the value of the error-status 
field is ‘readOnly’. It is a protocol 
error to generate an SNMP PDU 
that contains the value ‘readOnly’ 
in the error-status field, as such 
this object is provided as a means 
of detecting incorrect implementa- 
tion of the SNMP. 

The total number of SNMP PDUs 
that were delivered to the SNMP 
protocol entity and for which the 
value of the error-status field is 
‘genErr’. 


The total number of MIB objects 
that have been retrieved success- 
fully by the SNMP protocol entity 
as the result of receiving valid 
SNMP Get-Request and Get-Next 
PDUs. 


The total number of MIB objects 
that have been altered success- 
fully by the SNMP protocol entity 
as the result of receiving valid 
SNMP Set-Request PDUs. 


The total number of SNMP 
Get-Request PDUs thath have 
been accepted and processed by 
the SNMP protocol entity. 


The total number of SNMP 
Get-Next PDUs that have been 
accepted and processed by the 
SNMP protocol entity. 


The total number of SNMP 
Get-Response PDUs which have 
been accepted and processed by 
the SNMP protocol entity. 


The total number of SNMP Trap 
PDUs that have been accepted and 
processed by the SNMP protocol 
entity. 


The total number of SNMP PDUs 
that were generated by the SNMP 
protocol entity and for which the 
value of the error-status field is 
‘tooBig’. 


Access 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


SNMP 
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Object and ASN.1 Notation 


The total number of SNMP PDUs 


snmpOutNoSuchNames 
{snmp 21 } 
1.3.6.1.2.1.11.21.0 


The total number of SNMP PDUs 


snmpOutBadValues 
{ snmp 22 } 
1.3.6.1.2.1.11.22.0 


snmpOutReadOnlys 


{snmp 23 } 
1.3.6.1.2.1.11.23.0 


The total number of SNMP PDUs 


snmpOutGenErrs 
{ snmp 24 } 
1.3.6.1.2.1.11.24.0 


snmpOutGetRequests 
{ snmp 25 } 
1.3.6.1.2.1.11.25.0 


The total number of SNMP 


snmpOutGetNexts 
{ snmp 26 } 
1.3.6.1.2.1.11.26.0 


The total number of SNMP 


snmpOutSetRequests 
{snmp 27 } 
1.3.6.1.2.1.11.27.0 


The total number of SNMP 


snmpOutGetResponses 
{ snmp 28 } 
1.3.6.1.2.1.11.28.0 


The total number of SNMP Trap 


snmpOutTraps 

{ snmp 29 } 
1.3.6.1.2.1.11.29.0 
snmpEnableAuthTraps 
{snmp 30 } 
1.3.6.1.2.1.11.30.0 





Syntax 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Counter 


Integer _ 





Definition 


that were generated by the SNMP 
protocol entity and for which the 
value of the error-status is 
‘noSuchName’. 


that were generated by the SNMP 
protocol entity and for which the 
value of the error-status field is 
‘padValue’. 


that were generated by the SNMP 
protocol entity and for which the 
value of the error-status field is 
‘genErr’. 


The total number of SNMP 
Get-Request PDUs thath have 
been generated by the SNMP pro- 
tocol entity. 


Get-Next PDUs that have been 
generated by the SNMP protocol 
entity. 


Set-Request PDUs that have been 
generated by the SNMP protocol 
entity. 


Get-Response PDUs that have 
been generated by the SNMP pro- 
tocol entity. 


PDUs thath have been generated 
by the SNMP protocol entity. 


Indicates whether the SNMP agent 
process is permitted to generate 
authentication-failure traps. The 
value of this object overrides any 
configuration information; as such, 
it provides a means whereby all 
authentication-failure traps can be 
disabled. 


This object should be stored in 
nonvolatile memory so that it 
remains constant between reinitia- 
lizations of the network manage- 
ment system. 
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Access 





read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-only 


read-write 


—_— 





Appendix E. MIB2.TBL File: MIB-II Objects 


This appendix contains the MIB2.TBL file as installed on your PC. 


sysDescr 1.3.6.1.2.1.1.1.0 display 
sysObjectID 130s lalalelee <0 object 
sysUpT ime 1.3.6.1.2.1.1.3.0 ticks 
sysContact 1.3.6.1.2.1.1.4.0 display 
sysName 123.6. 162.161.5.0 display 
sysLocation 1.3.6.1.2.1.1.6.0 display 
sysServices Lede60162e 11.70 number 
1fNumber 1.3.0¢le2ele2<10 number 
1 f Index TSeOcb. 2 lac eeudwse number 
ifDescr Li Se Oe letolecet olees display 
ifType Le deOe lalelelele lads number 
ifMtu 158,621,251.2.2. lide number 
ifSpeed Lids Ovlslelaeece La Ds gauge 
ifPhysAddress 123262122.1442.2. 1.6% string 
i fAdminStatus LdvOvle2clee.2elese number 
ifOperStatus Ls deOslalel eee leet. number 
ifLastChange 13600214267 ls ticks 
ifInOctets LedsOeieZed.Ze2e4. 20. counter 
ifInUcastPkts 13356.is2e).2ecoke lls counter 
ifInNUcastPkts Pe ovOel Cu lalecelalds counter 
ifInDiscards L oeOede ee 1iCees lela: counter 
ifInErrors 13060 1.2s1.2.2.1.14. counter 
1fInUnknownProtos LeovOe lace leeacelels counter 
ifOutOctets 1.3.6.1.2.1.2.2.1.16. counter 
ifOutUcastPkts eo 0. lel ekeesCeteld counter 
i fOutNUcastPkts 1346025 62eesl. 16. counter 
ifOutDiscards Le3vOeletelecec ele l 9: counter 
ifOutErrors bed e Oe liZeleocdverlsc0: counter 
ifOutQLen 1e3.0<le2iled.2.14.241. gauge 
ifSpecific Lids Orledeledsevl sec: object 
atI fIndex | IEA So pes ver-at oears ae eal number 
atPhysAddress 15536. 16221<3s lols string 
atNetAddress e500) 2c le Selele3: internet 
ipForwarding £53:56.122.1.45 160 number 
ipDefaultTTL 1.3.6.1.2.1.4.2.0 number 
ipInReceives 1.3.6.1.2.1.4.3.0 counter 
ipInHdrErrors 1.3.6.1.2.1.4.4.0 counter 
ipInAddreErrors 153-6.122.1:-4.5.0 counter 
ipForwDatagrams 1.3.6.1.2.1.4.6.0 counter 
ipInUnknownProtos 1.3.6.1.2.1.4.7.0 counter 
ipInDiscards 1.3.6.1.2.1.4.8.0 counter 
ipInDelivers 1.3.6.1.2.1.4.9.0 counter 
jpOutRequests 1.3.6.1.2.1.4.10.0 counter 
ipOutDiscards 1.3.6.1.2.1.4.11.0 counter 
ipOutNoRoutes 1.3.6.1.2.1.4.12.0 counter 
ipReasmT imeout 1.3.6.1.2.1.4.13.0 number 
i pReasmReqds 1.3.6.1.2.1.4.14.0 counter 
ipReasm0Ks 1.3.6.1.2.1.4.15.0 counter 
ipReasmFails 1.3.6.1.2.1.4.16.0 counter 
ipFragOKs Leos Ovdeets le 4ek7.0 counter 
ipFragFails 1.3.6.1.2.1.4.18.0 counter 
ipFragCreates 1.3.6.1.2.1.4.19.0 counter 
ipAdEntAddr 163.6. 142.124.20.1%1, internet 
ipAdEntI f Index 1.3.6.1.2.1.4.20.1.2. number 
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ipAdEntNetMask 1.3.6.1.2.1.4.20.1.3. internet 
ipAdEntBcastAddr 153200152; 144220.144. number 
ipAdEntReasmMaxSize LeoeOwls2s 1 e4e20.1.5. number 
ipRouteDest Vos Ovice ede 2 lates internet 
ipRoutel f Index 1.3,0cleesls4y21e 1.2: number 
jpRouteMetricl 320612 cl v4ec lela: number 
ipRouteMetric2 1.3.6.1.2.1.4.21.1.4. number 
ipRouteMetric3 1.3.6.1.2.1.4.21.1.5. number 
ipRouteMetric4 be oeOelecv let <0. number 
1pRouteNextHop LedsOe ecole bee Lede: internet 
ipRoutel ype 1.3.6.1.2.1.4.21.1.8. number 
ipRouteProto 1.3.6.1.2.1.4.21.1.9. number 
ipRouteAge 1.3.6.1.2.1.4.21.1.10. number 
ipRouteMask Ie3.00 1 oZelede2laleli. internet 
ipNetToMedial f Index 1.3.6.1.2.1.4.22.1.1. number 
ipNetToMediaPhysAddress 1.3.6.1.2.1.4.22.1.2. string 
ipNetToMediaNetAddress 1.3.6.1.2.1.4.22.1.3. internet 
ipNetToMediaType 1.3.6.1.2.1.4.22.1.4. number 
icmpInMsgs 1237031620 s0.1.0 counter 
icmpInErrors 123,6.1,241.5.2.0 counter 
icmpInDestUnreachs Le3e0e 12. 1.023.0 counter 
icmpInTimeExcds 1.3.6.1.2.1.5.4.0 counter 
icmpInParmProbs 13566 bs2512535.0 counter 
icmpInSrcQuenchs 15306162. 1603620 counter 
icmpInRedirects Leds 6. 1s2e1s50720 counter 
icmpInEchos 1.3.6.1.2.1.5.8.0 counter 
icmpInEchoReps 1.3.6..122.1.5.9,0 counter 
icmpInTimestamps 1.3.631.2.1.5.10.0 counter 
icmpInTimestampReps bos Ow lees ee b 160 counter 
icmpInAddrMasks LvosOvdees le Sv l2.0 counter 
icmpInAddrMaskReps P3336 ¢1.2644 9619.0 counter 
icmpOutMsgs 103.6. 1.2.1.5.14.0 counter 
icmpOutErrors b23.0414261.56 15.0 counter 
icmpOutDestUnreachs 1.3.6.1.2.1.5.16.0 counter 
icmpOutT imeExcds by 330. laZels 0017.0 counter 
icmpOutParmProbs £5050e1s2.125.16-0 counter 
icmpOutSrcQuenchs 1.3.6.1.2.1.5.19.0 counter 
icmpOutRedirects 160s Oe le evs DeeOed counter 
icmpOutEchos 140 000142s 149.2120 counter 
icmpOutEchoReps 153200l.23 16562220 counter 
icmpOutTimestamps DeocOslyeelsOs2ou8 counter 
icmpOutTimestampReps 1.3.6.1.2.1.5.24.0 counter 
icmpOutAddrMasks 1.3.6.1.2.1.5.25.9 counter 
icmpOutAddrMaskReps 1.3.6.1.2.1.5.26.0 counter 
tcpRtoAl gorithm 1.3.6.1.2.1.6.1.0 number 
tcpRtoMin 1.3.6.1.2.1.6.2.0 number 
tcpRtoMax 1.3+6.1.2.160.3.0 number 
tcpMaxConn 1.3.6.1.2.1.6.4.0 number 
tcpActiveOpens 1.3.6.1.2.1.6.5.0 counter 
tcpPassiveOpens 1.3.6.1.2.1.6.6.0 counter 
tcpAttemptFails 1.3.6.1.2.1.6.7.0 counter 
tcpEstabResets 1.3.6.1.2.1.6.8.0 counter 
tcpCurrEstab 1.3.6.1.2.1.6.9.0 gauge 
tcpInSegs 1.3.6.1.2.1.6.10.0 counter 
tcpOutSegs £29202 140. Oa O counter 
tcpRetransSegs 1633621.221.6212.0 counter 
tcpConnState 159604122. 166. 13.1.1. number 
tcpConnLocalAddress 1d. Oud. 2eddOcl3u lee: internet 
tcpConnLocal Port 1e3302162.156.135143; number 
tcpConnRemAddress LedO.15261.6213.1.4: internet 
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tcpConnRemPort 123.6.1.221.6.13 41.5. number 

tcpInErrs 1.3.6.1.2.1.6.14.0 counter 
tcpOutRsts 1.3.6.152.1.6.15.0 counter 
udpInDatagrams 130 ciedeksT x10 counter 
udpNoPorts .3.0.1.251,/.2.0 counter 
udpInErrors 1.3.6.1.2.1./7.3.0 counter 
udpOutDatagrams 1.3.6.1.2.1.7.4.0 counter 
udpLocalAddress {EAE ire a Sem Senay cer eee i aoe internet 
udpLocal Port 1320612 eles ete 2e number 

egpInMsgs bo36< 1426146210 counter 
egpInErrors £23560152.1664.2.0 counter 
egpOutMsgs 1.3.6.1.2.1.8.3.0 counter 
egpOutErrors 143.621,2. 1.8.4.0 counter 
egpNeighState 13305. beds sOe 0. lads number 

egpNeighAddr Lgoe0e-le7.1501 00 lacs internet 
egpNeighAs eds Oe lee cs6 owls number 

egpNeighInMsgs 15356..1.2.1.8.5<1.4, counter 
egpNeighInErrs bed .6ele2.d.625.1.5. counter 
egpNeighOutMsgs 133262142 41.8.5% 1.0: counter 
egpNeighOutErrs 153 36..45251,6.561s2. counter 
egpNeighInErrMsgs 163.0sls2ele0u0e lsd. counter 
egpNeighOutErrMsgs | ec ac Pe Oe atl eto ec rae counter 
egpNeighStateUps 125s lel wl Ose lO. counter 
egpNeighStateDowns 199,601 52.1.6.5e1.J11, counter 
egpNeighIntervalHello 1.3.6.1.2.1.8.5.1.12. number 

egpNeighInterval Pol] 133.04 lalebsOe De beds number 

egpNeighMode 1232024.26176.5.1. 143 number 

egpNeighEventTrigger 15 0¢0e2 ole0. 5.1 15s number 

egpAs 1.3.6.1.2.1.8.6.0 number 

snmp InPkts be5e0c1e2.1.1121.0 counter 
snmpOutPkts £5320. 1.¢2.1.11.2.0 counter 
snmpInBadVersions 123.624.2.1411.3.6 counter 
snmpInBadCommunityNames 1.3.6.1.2.1.11.4.0 counter 
snmpInBadCommunityUses 1.3.6.1.2.1.11.5.0 counter 
snmpInASNParseErrs b.3s0.de2.1. 11.6.0 counter 
snmpInBadTypes 1v3.6021.2.1511.57.0 counter 
snmpInTooBigs 143.6.1.251011.8.0 counter 
snmp I nNoSuchNames 153.601.251.11.9;50 counter 
snmp InBadValues 143. 02lees lots 1020 counter 
snmp InReadOnlys 1.9.0sled.1i1.11.0 counter 
snmpInGenErrs 1.3.6. 142.1.11.12.0 counter 
snmpInTotalReqVars 1.3.6.1.2.1.11.13.0 counter 
snmpInTotalSetVars 1.3.6.1.2.1.11.14.0 counter 
snmpInGetRequests 133.634.2.1.11.15.0 counter 
snmpInGetNexts Nites Fro ae arg a bere 8 a counter 
snmp InSetRequests L,dsOcietel els 20 counter 
snmpInGetResponses L,3e0e12.1. 11.18.90 counter 
snmpInTraps PedsOelse cle L.19.0 counter 
snmpOutTooBigs 1,326.1.2.1.11520.0 counter 
snmpOutNoSuchNames 1.3.6.1.2.1.11.21.0 counter 
snmpOutBadValues 12320122 e1.l1.22.0 counter 
snmpOutReadOnlys De ov0e lel. 11.2320 counter 
snmpOutGenErrs £23.6.122.1.11.24.0 counter 
snmpOutGetRequests 1.3.6.1.2.1.11.25.0 counter 
snmpOutGetNexts 1.3.6.1.2.1.11.26.0 counter 
snmpOutSetRequests be eOe tule lel lce) 20 counter 
snmpOutGetResponses 1232.6.122<.1211. 28.0 counter 
snmpOutTraps 153-6.1.2. 12.11.2920 counter 
snmpEnableAuthTraps 1.692021.2.1211.30.9 number 

DPI port $2360.01 .45562.2.1,160 number 
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Appendix F. Messages and Codes 


This appendix describes the messages and exit codes that are displayed in TCP/IP 
for OS/2. The messages are arranged alphabetically, grouped by command. 


FINGER 

Table 14. FINGER Messages and Codes 

Exit Code Message Explanation 

N/A Unabie to connect to nost The foreign host can be reached, but the finger server is nat 
running. 


Action: Start the finger server on the foreign host. 


FTP 

Table 15. FTP Messages and Codes 

Exit Code Message Explanation 

N/A Error: 2 This message covers many error situations. The most 
likely reason is that a file name in the subcommand does 
not exist. 


Action: Check the directories on the local and remote 
hosts, using dir, and verify that the file names are correct. 


1 Could not create a ftpds System problem. 


semaphore Action: Reboot the system. If the problem persists, contact 


IBM service. 


FTP Server FTPDC—Exit Messages 
These messages are printed by the FTPDC program. This program is started by the 


FTP server to handle client requests. The program exits with the code listed. 
Table 16 (Page 71 of 2). FTP Server FTPDC Exit Messages 
Exit Code Message Explanation 


0 Repeated login failures from host. A user on another host is trying to log on to the FTP server 
and has been unsuccessful. 


Action: Verify that the user attempting to log on knows the 
correct user name and password. 


1 ftpds:ioctl (trying to set socket to System error. This should not occur. Contact the System 
nonblocking) Administrator. 
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Table 16 (Page 2 of 2). FTP Server FTPDC Exit Messages 


Exit Code 
{ 


10 


Message 


panic: all enough memory 


FTPDS.EXE is not running (when 
trying to get shared segment with 
FTPDS) 


Could not open attn semaphore 


Could not open a mail semaphore 


Could not get pid 


panic: FTPDS did not respond 
within 30 secs 


Explanation 


System error. Cannot allocate enough memory to read the 
TRUSERS file. This may mean that the TRUSERS file is too 
large, or too many programs are running. 


Action: Check the size of the TRUSERS file. Unless it is 
several megabytes, this should not be the problem. Reduce 
the number of programs running, reboot the system, and 
restart TCP/IP. If the problem persists, contact IBM Service. 


FTPDC.EXE was started with the FTP server not running, or 
the FTP server died during startup of FTPDC.EXE. 


Action: Verify that the FTP server is running. If it is not 
running, restart it. 


No message, but this problem could occur, because no 
socket exists. System problem. 


Action: Reboot the system and restart TCP/IP. If the 
problem persists, contact IBM Service. 


System problem. 


Action: Reboot the system and restart TCP/IP. If the 
problem persists, contact IBM Service. 


The FTP server is not operating. 


Action: Restart the FTP server and FTPDC.EXE. 


These messages are printed by the FTPDC.EXE. The program does not exit when 


these errors occur. 


Table 17. FTP Server FTPDC Nonexit Messages 


Exit Code 
N/A 


N/A 


N/A 


Message 


getpeername program_name 
trying to get peer information on 
connection 


getsockname program_name 
trying to get socket name informa- 


tion 


local disk full. aborted 


Explanation 
System problem. # 


Action: Reboot the system and restart TCP/IP. If the 
problem persists, contact IBM Service. 


System problem. 


Action: Reboot the system and restart TCP/IP. If the 
problem persists, contact IBM Service. 


The local disk is full. 


Action: Clean up the disk space, and retry the action that 
failed. 


( ™ 
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FTP Server FTPDS—Exit Messages 


These messages are printed by the FTP server. The server exits with the code 


listed. 


Table 18. FIP Server FTPDS Exit Messages 


Exit Code 
{ 


Message 


Could not create a ftpds 
semaphore 


ftpd:tcp/ftp: unknown service 


ftpd:socket 


ftpds:listen 


ftpds:ioctl 


ftpds:accept 


Could not get pid 


No message printed, 


but... DOSGETENV failed 


Could not execute FTPDC.EXE 


Explanation 
System problem. 


Action: Reboot the system. If the problem persists, contact 
IBM service. 


FTP is not in the SERVICES file, or the SERVICES file does 
not exist. 


Action: Add FTP to the SERVICES file, or create a SER- 
VICES file, if the file does not exist. 


A socket could not be allocated by TCP. Too many applica- 
tions are running. 


Action: Reduce the number of programs running, and 
restart the FTP server. 


System problem. 


Action: Reboot the system, and restart TCP/IP. If the 
problem persists, contact IBM Service. 


System problem. 


Action: Reboot the system and restart TCP/IP. If the 
problem persists, contact IBM Service. 


System problem. 


Action: Reboot the system and restart TCP/IP. If the 
problem persists, contact IBM Service. 


System problem. 


Action: Reboot the system and restart TCP/IP. If the 
problem persists, contact IBM Service. 


System problem. 


Action: Reboot the system and restart TCP/IP. If the 
problem persists, contact IBM Service. 


The FTP server cannot execute the FTPDC.EXE program. 
Either the program does not exist on the machine, or it is 
not on the path of executables for the FTP server, or the 
program has been corrupted. 


Action: Verify that: 
e The program exists. 
* It is in a subdirectory in the PATH environment variable. 


e¢ jt has not been corrupted. 
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rir Server Fi PDS—Nonexit Messages 
These messages are printed by the FTP server. The server does not exit when 
these errors occur. 

Table 19. FTP Server FTPDS Nonexit Messages 

Exit Code Message Explanation 


N/A DosOpenSem failed on semaphore System problem. 


Action: Reboot the system and restart TCP/IP. If the 
problem persists, contact IBM Service. 


IFCONFIG 


Table 20. IFCONFIG Messages and Codes 
Exit Code Message Explanation 
N/A illegal parameters: bad value The syntax of the IFCONFIG command is incorrect. 


Action: Type ifconfig for help or see /BM TCP/IP Version 
7.2 for OS/2: User’s Guide. 


Kerberos Authentication System 


Table 21 (Page 71 of 7). KERBEROS Messages and Codes 
Exit Code Message Explanation 
OK The Kerberos operation is successful. 
Action: No action to be taken. 
Principal expired User registration with the Kerberos database has expired. 


Action: Contact your Kerberos administrator, and register 
with the Kerberos database again. Use the KDB_EDIT or the 
KADMIN utility. 


Service expired The requested service registered with the Kerberos data- 
base has expired. 


Action: The service provider should register the service in 
the database again. 


Authentication expired User’s authentication has expired. 
Action: Get new tickets and authentication. 


Unknown protocol version number The protocol version number does not match that of the 
TCP/IP product. 


Action: Install versions of Kerberos that use compatible 
protocol version numbers. 
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Table 21 (Page 2 of 7). KERBEROS Messages and Codes 


Exit Code 


Message 


Principal unknown 


Principal not unique 


Principal has null key 


Cannot read ticket file 


(krb_get_cred) 


Cannot find ticket (krb_get_cred) 


Ticket granting ticket expired 
(krb_mk_req) 


Cannot decode authenticator 
(krb_rd_req) 


Ticket expired (krb_rd_req) 


Ticket issue date too far in the 
future (krb_rd_req) 


Ticket for the wrong server 
(krb_rd_req) 


Request is inconsistent 
(krb_rd_req) 


Explanation 


The supplied principal name is not registered in the data- 
base. 


Action: If the principal name is typed incorrectly, try again 
with the correct registered principal name. If you are not 
registered in the database, ask your Kerberos administrator 
to register your name in the database. 


There is more than one principal in the same database. 


Action: Report the problem to your system administrator. 
Nonunique principals should be checked by the KDB _EDIT 
or KADMIN registration program when registering. 


The principal has registered with a null key. 


Action: Report the problem to your system administrator. 
A null key is not accepted when registering. 


The ticket file does not exist, or the ticket file is corrupted. 


Action: Use the KINIT command to get the initial ticket, and 
a ticket file is created in TMP directory accordingly. 


The ticket for the requested service is not found in the ticket 
file. 


Action: Use the KINIT command to get the initial ticket. If 
mk_req() is used, it will get the desired ticket from the 
Kerberos ticket granting server automatically. 


The time interval since you issued the KINIT command has 
exceeded the predefined ticket life. 


Action: Issue the KINIT command to obtain the new initial 
ticket. You can negotiate with the Kerberos master adminis- 
trator for the maximum ticket life time (0-255)*5 minutes. 


The authenticator sent by the client cannot be decoded. 


Action: Depends on your application. You can reject the 
request, or take other action, such as sending the proper 
message back to the client. 


‘Expired ticket from the client has been detected by the 


krb_rd_req routine of the server. 


Action: Depends on your application. You can reject the 
request, or take other action, such as sending the proper 
message back to the client. 


Invalid ticket issuing date has been detected. 


Action: Depends on your application. You can reject the 
request, or take other action, such as sending the proper 
message back to the client. 


The ticket received by the server is for another server. 


Action: Depends on your application. You can reject the 
request, or take other action, such as sending the proper 
message back to the client. 


The information in the authenticator is different from that in 
the ticket. A possible reply is detected. 


Action: Depends on your application. You can reject the 
request, or take other action, such as sending the proper 
message back to the client. 
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Table 21 (Page 3 of 7). KERBEROS Messages and Codes 


Exit Code 


Message 


Time is out of bounds (krb_rd_req) 


Incorrect network address 
(krb_rd_req) 


Protocol version mismatch 
(krb_rd_req) 


Illegal message type (krb_rd_req) 


Message integrity error 
(krb_rd_req) 


Current password is null 
(get_pw_tkt) 


Explanation 


The time interval for a ticket traveling in the network is 
longer than the predefined CLOCK_SKEW time. 


Action: Reject the service, and inform the client of the error 
message. 


Note: To change the CLOCK_SKEW time, you should 
change the CLOCK_SKEW defined in the KRB.H (default is 
300 seconds), recompile your KRB library, and relink the 
server with the new KRB library. 


The client’s network address in the authenticator is not con- 
sistent with the packet received. It can be a reply by an 
intruder. 


Action: Depends on your application. You can reject the 
request, or take other action, such as sending the proper 
message back to the client. 


The protocol version of the ticket from a client is different 
from the version that the server is using. 


Action: Notify the client that the protocol version defined in 
the PROT.H does not agree with that in the server. To 
change the protocol version, modify the protocol version in 
the PROT.H, recompile the KRB library, and link the client 
program or server program to the new KRB library. 


The message type defined in the ticket is illegal. The valid 
message types are defined in the PROT.H file. The corre- 
sponding KRB library function pairs in clients and server 
are not consistent. rd_req() , rd_safe(), and rd_priv() in the 
client program do not match their counterparts in the 
server. The counterparts are mk_req(), mk_safe(), and 
mk_priv(), respectively. 


Action: Depends on your application. You can reject the 
request, or take other action, such as sending the proper 
message back to the client. Verify that the function pairs in 
the client and server are consistent and the version number 
defined in the PROT.H is the same. 


The krb_rd_req() function detects an error in the ticket 
format. The ticket may have been modified. 


Action: Depends on your application. You can reject the 
request, or take other action, such as sending the proper 
message back to the client. 


The principal had a null password in the Kerberos data- 
base, which indicates that the principal is known to 
Kerberos, but does not have a password yet. 


Action: Try to get a ticket for the principal 
default.changepw@realm to use the 
changepw.KRB_MASTER server. Use the password 
changepwkrb rather than cow. Return GT PW_NULL. If this 
routine succeeds, a ticket and session key for either the 
principal user.instance@realm, or 
default.changepw@realm, will be in the your ticket file, 
which allows you to use the password-changing server. 
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Table 21 (Page 4 of 7). KERBEROS Messages and Codes 


Exit Code 


Message 


The current password incorrect 
(get_pw_tkt) 


Retry count exceeded 
(send_to_kdc) 


Cannot send request (send_to_kdc) 


Password incorrect 


Protocol error (get_intkt) 
Generic error (get_intkt) 

Do not have ticket granting ticket 
(get_ad_tkt) 


No ticket file (tf_util) 


Cannot access ticket file (tf_util) 


Cannot lock ticket file; try later 
(tf_util) 


Bad ticket file format (tf_util) 


Read the ticket file before tf_init 
(tf_util) 


Bad Kerberos name format 
(kname_parse) 


Generic Kerberos error (kfailure) 


Explanation 
The current password was invalid. 


Action: Enter the password again. If the message appears 
again, see your system administrator. 


Retry count has been exceeded, but you do not get an 
answer from the Kerberos server. The Kerberos servers 
listed in your KRB.CNF file cannot be reached. 


Action: Ping the host where the Kerberos server is running 
to see if the host can be reached. If the host can be 
reached, check with the system administrator to see if the 
Kerberos server is running on that host. 





Cannot get local realm 


Action: Verify that the local realm is defined in your 
KRB.CNF file in ETC directory 


The password is incorrect, the message is not correctly 
decrypted using the current password. 


Action: Provide the correct password. 

Wrong protocol version. 

Action: Get the updated Kerberos code. 

Other errors detected by krb_get_in_tkt(). 

Action: See the Kerberos administrator. 

The initial ticket is not in the ticket file. 

Action: Issue the KINIT command to obtain the initial ticket. 
The ticket file is not created. 

Action: issue the KINIT command. 

The ticket file is in the wrong mode. 


Action: Verify that the 'tkt0' in TMP directory can be 
accessed. 


Could not lock the ticket fiie, even after several tries. 
Action: Try later. 


If the name was null, EOF was encountered, or the name 
was longer than ANAME_SZ, TKT_FIL_FMT is returned. 


Action: Check the ticket file format. If the format is wrong, 
get new tickets. 


tf_init not called first. 


Action: Call tf_init before any calling for any access to the 
ticket file. 


The Kerberos name is detected as an incorrect Kerberos 
name. 


Action: For the correct Kerberos name format, see 
Chapter 12, “Setting Up Your Kerberos System.” 


Other errors are detected by Kerberos. 


Action: See the Kerberos administrator. 
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Table 21 (Page 5 of 7). KERBEROS Messages and Codes 


Exit Code 


Message 


KADMIN error : Insufficient access 
to perform requested operation 


Error message from EXT_SRTB. 
Unknown control argument 


Could not read the master key 


Could not get local realm 


Could not create file <inst>.stb 


More than 40 entries found 


Bad instance name: 


Error writing the output file. Ter- 
minating. 


Could not open database 


Kerberos : gethostname error 


Explanation 


As a remote administrator, you are not authorized to 
perform the requested operation. 


Action: Ask the Kerberos master administrator to add your 
name to the ADM_ACL file on the host where the Kerberos 
database resides. Error message from EXT_SRTB. 


An argument parameter other than -n is specified in the 
command line. The format of ext_srtb is: 


ext_srtb [-n] instl inst2 


If -n is specified, then the program tries to read the master 
key from the file MKEYFILE, which is defined in KDC.H. 


Action: Verify that the MKEYFILE defined in KDC.H exists. 


You specified -n option in the EXT SRTB program, and the 
MKEYFILE cannot be accessed. 


Action: Drop the -n option, and enter the master key from 
the keyboard. 


The local realm is missing from the first line of the 
KRB.CMF file. 


Action: Add your local reaim to your KRB.CNF file in the 
ETC directory. 


The EXT_SRTB program has a problem creating the 
inst.stb file. The instance name may be too long (more 
than 7 characters), making the file name invalid. 


Action: Do not supply instance names longer than 7 charac- 
ters when registering a service with the Kerberos database. 


There are more than 40 entries in the database with the 
specified instance name. 


Action: Decrease the number of database entries. 
The instance name is not valid. 
Action: Verify the instance name for validity. 


The program has difficulty writing the entries to the 
inst.stb file. 


Action: Check for adequate file space. 


The Kerberos database does not exist or is locked. The 
ext_srtb must be run on the host from which the Kerberos 
database can be accessed. 


Action: Make the database accessible to the ext_srtb 
program. If the database does not exist, run KDB_INIT 
program to create it. See Chapter 12, “Setting Up Your 
Kerberos System” for information about KDB_INIT. 


Unable to get the host name environment variable. 


Action: Set the HOSTNAME environment variable properly. 
You can add the SET HOSTNAME = host_name statement in 
your CONFIG.SYS file, and reboot the machine, or issue the 
SET command on the command line. 
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Table 21 (Page 6 of 7). KERBEROS Messages and Codes 


Exit Code 


Message 


Kerberos : udp/Kerberos unknown 
service 


Kerberos cannot bind socket 


Cannot open the database: 


KINIT : k_gethostname failed 


KINIT : bad Kerberos 


name/instance/realm format 


KINIT : krb_get_lrealm failed 


Cannot find local realm 


Cannot fetch local realm 


Bad key supplied 


Could not find administrating host 


Administrating host name is 
unknown 


Explanation 


The Kerberos service is not defined in the SERVICES file in 
the ETC directory. 


Action: If you installed the TCP/IP for OS/2 product using 
ICAT, this file should be installed in your ETC directory. 


Note: You can add the following lines in your SERVICES 
file : 

Kerberos 750/udp kdc # Kerberos authentication--udp 
Kerberos 750/tcp kdc # Kerberos authentication--tcp 


The Kerberos service ports 750/tcp and 750/udp are bound. 
The Kerberos server is running, or has been stopped, but 
the socket port has not been released. 


Action: Reboot the machine. 


The Kerberos server and the ADM_ SERV server have 
trouble opening the Kerberos database. 


Action: Verify that the database is in the KERBEROS direc- 
tory. 


The KINIT program does not know on which host the 
Kerberos authentication server resides. 


Action: Verify that the KRB.CNF file in ETC directory is 
properly defined. Verify that the host specified in the 
KRB.CNF can be reached by using the PING function. 


The specified Kerberos name is not correct. 


Action: See Chapter 12, “Setting Up Your Kerberos 
System” for the correct Kerberos name format. 


KINIT is unable to get the local realm. 


Action: Verify that the local realm is specified in the 
KRB.CMF file. 


KINIT is unable to get the local realm. 


Action: Verify that the local realm is specified in the 
KRB.CMF file. 


KINIT is unable to get the local realm. 


Action: Verify that the local realm is specified in the 
KRB.CNF file. 


A weak key or semi-weak key is detected. A trivial key 
pattern is detected if you attempt to break the key. 


Action: Supply the correct key. 


The KRB.CMF file is not edited properly. KADMIN is unable 
to find the host where the database resides. 


Action: Verify that the host name where the Kerberos data- 
base resides is correctly specified in the KRB.CNF file. See 
Chapter 12, “Setting Up Your Kerberos System” for infor- 
mation about KRB.CNF. 


The host name specified in the KRB.CNF cannot be 
resolved. 


Action: Verify that the name server is running properly or 
the hosts file contains the administrating host. If you can 
PING the administrating host, this problem is solved. 
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Table 21 (Page 7 of 7). KERBEROS Messages and Codes 


Exit Code Message 


Entry already exists in database 


Insufficient access to perform 
requested operation 


No such entry in the database 


LPD 

Table 22. LPD Messages and Codes 

Exit Code Message 

1 Unknown Option ’%c’ 

N/A Error: receiving command from 


client: rc = %d 


N/A Lpd: error receiving data 
(errno= %d) 


N/A Print request aborted by Client! 
N/A Error: Invalid Control file! 

N/A Error: Invalid Data file! 

N/A Invalid socket specified! 


Explanation | 


You are trying to register a user with the KADMIN ADD sub- 
command, and an entry already exists in the database with 
the same name. 


Action: Use another name or quit the ADD operation. 


Your name is not listed in the ADM_ACL.GET 
ADM_ACL.MOD, ADM_ACL.ADD file in the KERBEROS 
directory of the host where the database resides. 


Action: To perform the ADD function, ask the database 
administrator to add your name to ADM_ACL.ADD. Your 
name must also be added for using the GET 
(ADM_ACL.GET) and CPW (ADM_ACL.MOD) operations. 


You used GET or CPW to access an nonexistent entry in the 
database. 


Action: Register the user before attempting the access. 


Explanation 
The option ‘%c’ specified on the command line is invalid. oe 


Action: Check the parameters on the command line and 
respecify. 


An error occured while reading command data from the 
Client. 


Action: Check the connecting client to verify that their con- 
figuration is correct. 


An error occured while reading data from the client. 


Action: Check the connecting client to verify that their con- y 
figuration is correct. 


The client requested that any print job that is currently 
being created be cancelled. 


The client has not sent a valid control file for the current 
job. 


Action: Check the connecting client to verify that their con- 
figuration is correct. 


The client has not sent a valid data file for the current job. 


Action: Check the connecting client to verify that their con- 
figuration is correct. 


An invalid parameter was passed to Ipd on the command 
line. 


Action: Check the parameters on the command line and 
respecify. 


— 
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Table 23. LPQ Messages and Codes 


Exit Code 
1 


N/A 


LPR 


Message 


No Printer was specified! 


No Server was specified! 


Unknown Option ’%c’ 


LPQ: Unknown server %s! 


printer: printer/tcp: unknown 
service 


Unable to bind socket 


Table 24 (Page 1 of 3). LPR Messages and Codes 


Exit Code 
N/A 


N/A 


N/A 


N/A 


Message 


Can't open “%s: 


Early EOF found transmitting file 


Unable to connect to %s 
(errno= %d)! 


printer: printer/tcp: unknown 
service 


seal 


Explanation 


The LPQ command was specified without a printer, nor was 
there an LPR_PRINTER environment variable set. 


Action: Respecify the LPQ command with the -p printer 
parameter, or set the environment variable LPR_PRINTER. 


The LPQ command was specified without a server, nor was 
there an LPR_SERVER environment variable set. 


Action: Respecify the LPQ command with the -s server 
parameter, or set the environment variable LPR_SERVER. 


The option %c specified on the LPQ command line is 
invalid. 


Action: Respecify the LPQ command with the correct option 
specified. 


The server %s is not a valid server. 


Action: Respecify the LPQ command line with the correct 
server. 


LPQ was unable to determine the socket number to connect 
to on the server to reach the Remote Printer Server. 


Action: Check your SERVICES file to verify that an entry 
exists for printer. 


The LPQ protocol states that all LPQ requests must come 
from a port within the range of 721 to 731. Because ofa 
time-out on port numbers, there is a chance to run out of 
available ports. 


Explanation 
Unable to open the file ‘%s’ to send to the server. 


Action: Check the file name specified on the LPR command 
line. 


An imbedded End Of File marker was found in the file. 


Action: Retry the LPR command specifying the -b option for 
binary files. 


LPR was unable to connect to the server %s. 
Action: Verify that the server specified is correct. 


i PR was unable to determine the socket number to connect 
to on the server to reach the Remote Printer Server. 


Action: Check your SERVICES file to verify that an entry 
exists for printer. 
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Table 24 (Page 2 of 3). LPR Messages and Codes 


Exit Code 


N/A 


N/A 


N/A 


N/A 


N/A 


N/A 


N/A 


N/A 


N/A 


N/A 


220 


Message 


unknown host 


Unable to bind socket 


Unable to connect to foreign host 


Unable to receive response: 


Server closed connection prema- 
turely 


Server Error: Server cannot open 
or write to printer 


Server Error: Out of storage space 


Server Error: Unknown error: 


Unable to send file %s after %d 


tries! 


File not found: %s 


Cannot specify -f and -b flags 
together! 


Invalid delay specified! 


Explanation 
LPR was unable to connect to the server specified. 
Action: Verify that the server specified is correct. 


The LPR protocol states that all LPR requests must come 
from a port within the range of 721 to 731. 


Action: Because of a time-out on port numbers, there is a 
chance to run out of available ports when sending lots of 
files in a short period of time. LPR will retry sending the file 
if this does occur. 


If for some reason files do not get sent, you can adjust the 
number of retries as well as the delay between retries. 


LPR was unable to connect to the specified server because 
no server was running on that host. 


Action: Verify that an LPD server is running on the remote 
host specified as the server. 


The specified server is not responding to LPR’s requests. 


Action: Check the configuration of the LPD server that is 
running on the remote host specified as the server. 


The specified server closed the connection prematurely. 


Action: Check the configuration of the LPD server that is 
running on the remote host specified as the server. 


An invalid printer name was specified. 


Action: Check the printer name specified on the LPR 
command line, and respecify if necessary. 


The LPD server was unable to satisfy your request because 
it was out of storage. 


Action: Try to free up resources at the remote host running 
the LPD server. 


The LPD server reported an unknown error back to LPR. 


Action: Check the configuration of the LPD server that is 
running on the remote host specified as the server. 


LPR was unable to print the file %s after %d retries. 


Action: Retry the LPR command, increasing either or both 
of the -r retries or -q delay parameters. 


LPR was unable to find the file “%s. 


Action: Verify that the file exists on the local host, and 
respecify the LPR command if necessary. 


The user specified both the -f and -b flags on the LPR 
command line. These flags are mutually exclusive. 


Action: Respecify the LPR command with only the required 
flag. 


The user specified an out of range value for the -q delay 
parameter. 


Action: Respecify the LPR command with a value for delay 
between 0 and 30. 
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Table 24 (Page 3 of 3). LPR Messages and Codes 


Exit Code 
1 


N/A 


LPRM 


Message 


Invalid Number of retries specified! 


No Printer was specified! 


No Server was specified! 


Warning: Sending unknown options 
to the server! 


Table 25 (Page 1 of 2). LPRM Messages and Codes 


Exit Code 
4 


N/A 


Message 


No Printer was specified! 


No Server was specified! 


No User or Agent was specified! 


Unknown Option ’%c’ 


LPRM: Unknown server %s! 


printer: printer/tcp: unknown 
service 


Explanation 


The user specified an out of range value for the -r retries 
parameter. 


Action: Respecify the LPR command with a value for retries 
between 0 and 5. 


The LPR command was specified without a printer, nor was 
there an LPR_PRINTER environment variable set. 


Action: Respecify the LPR command with the -p printer 
parameter, or set the environment variable LPR_PRINTER. 


The LPR command was specified without a server, nor was 
there an LPR_SERVER environment variable set. 


Action: Respecify the LPR command with the -s server 
parameter, or set the environment variable LPR_SERVER. 


The LPR command was specified with unknown options. 
LPR will send these options to the specified server as pari 
of the control file. 


Explanation 


The LPRM command was specified without a printer, nor 
was there an LPR_PRINTER environment variable set. 


Action: Respecify the LPRM command with the -p printer 
parameter, or set the environment variable LPR_PRINTER. 


The LPRM command was specified without a server, nor 
was there an LPR_SERVER environment variable set. 


Action: Respecify the LPRM command with the -s server 
parameter, or set the environment variable LPR_SERVER. 


The LPRM command was specified without an agent, nor 
was there a USER environment variable set. 


Action: Respecify the LPRM command with the -a agent 
parameter, or set the environment variable USER. 


The option %c specified on the LPRM command line is 
invalid. 


Action: Respecify the LPRM command with the correct 
option specified. 


The server %s is not a valid server. 


Action: Respecify the LPRM command line with the correct 
server. 


LPRM was unable to determine the socket number to 
connect to on the server to reach the Remote Printer 
Server. 


Action: Check your SERVICES file to verify that an entry 
exists for printer. 
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Table 25 (Page 2 of 2). LPRM Messages and Codes 
Exit Code Message 


2 Unable to bind socket 


LPRMON 

Table 26. LPRM Messages and Codes 

Exit Code Message 

1 Cannot specify -f and -b flags 
together! 

1 Invalid delay specified! 

1 Invalid Number of retries specified! 

1 No Printer was specified! 

1 No Server was specified! 

N/A Warning: Sending unknown options 


to the server! 


NFS Client 


Explanation 


The LPRM protocol states that all LPRM requests must 
come from a port within the range of 721 to 731. Because of 
a time-out on port numbers, there is a chance to run out of 
available ports. 


Explanation 


The user specified both the -f and -b flags on the LPRMON 
command line. These flags are mutually exclusive. 


Action: Respecify the LPRMON command with only the 
required flag. 


The user specified an out of range value for the -q delay 
parameter. 


Respecify the LPRMON command with a value for delay 
between 0 and 30. 


The user specified an out of range value for the -r retries 
parameter. 


Action: Respecify the LPRMON command with a value for 
retries between 0 and 5. 


The LPRMON command was specified without a printer, nor 
was there an LPR_PRINTER environment variable set. 


Action: Respecify the LPRMON command with the -p printer 
parameter, or set the environment variable LPR_PRINTER. 


The LPRMON command was specified without a server, nor 


was there an LPR_SERVER environment variable set. 


Action: Respecify the LPRMON command with the -s server 
parameter, or set the environment variable LPR_SERVER. 


The LPRMON command was specified with unknown 
options. LPRMON will send these options to the specified 
server as part of the control file. 
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Exit Code Message 


N/A >>>RETRY failurel<<< 


Explanation 


The remote server did not respond and NFS had to 
resend the request. 


Action: Verify that that your NFS server is functioning 
properly. 
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Table 27 (Page 2 of 5). NFS Client Messages and Codes 


Exit Code 
N/A 


N/A 


N/A 


N/A 


N/A 


N/A 


N/A 


N/A 


N/A 


N/A 


N/A 


N/A 


Message 


NFSCO0001: Drive ’x’ is not properly 
attached and will be detached. 


NFSCO0002: Drive ’x’ is not attached and 
therefore cannot be queried. 


pfsnfs—>pnfsmount malloc failed 


Semaphore allocation service error. 


There are mounted drives. Please 
unmount all NFS drives before ending this 
program. 

‘umount *’ can be used to unmount all NFS 
drives. 


Terminating child processes. 
Please be patient... 
killing biod:xxx process number:xxx rc:xxx 


There are mounted drives. 
Please use the program ‘nfsclean’ to 


unmount the mounted drives 
after restarting this program. 


The maximum number of mount requests 
has been exceeded 


mount: <host> not in hosts database 


ERROR:READ ZERO bytes 


biod:read block error. 


biod:write block error. 


Explanation 


The drive was mounted improperly, possibly because an 
error might have occurred during the mount. 


Action: Run NFSCLEAN to detach the drive. 


You attempted a QMOUNT on a drive that was not 
mounted by NFS. 


Action: Mount the drive with the MOUNT command. 


Action: Note the circumstances under which this 
occurred, and contact IBM support. 


The NFS control program could not allocate a 
semaphore for its use. This could be the result of 
improperly terminating the control program, or 
attempting to use the same semaphore name in a dif- 
ferent program. 


Action: Reboot your computer and try again. If this 
error persists, make a note of the circumstances and 
contact IBM support. 


You attempted to end the NFS control program when 
NFS drives were mounted. 


Action: Unmount all NFS drives before terminating the 
control program. Use the UMOUNT command with the 
asterisk (*) option to unmount all the drives. 


This is normal when terminating the NFS control 
program. 


Action: No action is required. 


You selected the close option from the NFS control 
program window’s system menu, and terminated NFS 
while drives were mounted. 


Action: When you restart NFS, be sure to run 
NFSCLEAN. 


Action: Please make a note of the circumstances and 
contact IBM support. 


An error occurred while resolving the host name. 


Action: Verify that that your name server and hosts file 
are correct and operational. 


The server to which you are connected returned zero 
bytes when NFS attempted to read a file. 


Action: Verify that that your NFS server is functioning 
properly. 

One of the BIODs encountered an error when attempting 
to read from an NFS server. 

Action: Verify that that your NFS server is functioning 
properly. 

One of the BIODs encountered an error when attempting 
to write to an NFS server. 


Action: Verify that that your NFS server is functioning 
properly. 
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Exit Code 
N/A 


N/A 


N/A 


N/A 


N/A 


N/A 





N/A 


N/A 
N/A 


N/A 


Message 


SYMBOLIC LINK is: name ‘<name>’ 
This link seems to be recursive. 


mount: <host> server not responding 


mount:Unable to bind socket errno:xxx 


error opening ’\pipe\nfs\0000000x’ 


The Local Hostname should be set to a 
value 

Please add a line of the following form to 
the CONFIG.SYS file 

SET 

hostname = <local-internet-host-name> 


xdr_rrok: FAILED, can’t get mbuf 


Delete failed 


You do not have ownership of this disk. 


Password change required by host. 


NFSWAIT: Unable to access NFS shared 
segment 


unrecognized option: ’-<option>’ 


Explanation 


The NFS Client believes that the symbolic link is recur- 
sive. This can also occur when there are too many links 
to link. 


Action: Delete the recursive symbolic link or shorten 
the number of links in the path. 


The NFS control program could not contact the NFS 
server when it was mounting a new file system. 


Action: Verify that that your NFS server is functioning 
properly. 


Action: Please make a note of the circumstances and 
contact IBM support. 


The NFS control program could not allocate a named 
pipe for its use. This could be the result of improperly 
terminating the control program, or attempting to use 
the same pipe name in a different program. 


Action: No action is required. The NFS control program 
attempts to open the pipe several times before giving 
up. If no additional messages appear, then NFS has 
successfully opened the pipe. 


You did not set the HOSTNAME environment variable in 
your CONFIG.SYS file. 


Action: Do one of the following: 


e Use ICAT to modify your CONFIG.SYS file and add 
the proper SET HOSTNAME = statement. 


e Add the following line to your CONFIG.SYS file: 
SET HOSTNAME = <local-internet-hostname> 


Action: Please make a note of the circumstances and 
contact IBM support. 


LN could not delete the link. 


Action: Verify that that your NFS server is functioning 
properly and that you have been granted access to the 
link. 


You attempted to mount a VM disk that you do not own. 
Your MVS password has expired and must be changed. 
Action: Do one of the following: 


* Use the -n option of the MVSLOGIN command to 
change your MVS password. 


¢ Log on to your MVS account and change your pass- 
word. 


The NFS control program was not started properly. 


Action: Stop and restart the NFS control program. If 
this does not correct the error, reboot your computer 
and try to start the program again. 


You entered an option that is not valid for this command. 


Action: See the /BM TCP/IP Version 1.2 for OS/2: 
User’s Guide or IBM TCP/IP Version 1.2 for OS/2: Quick 
Reference Guide for the correct syntax. | 
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Table 27 (Page 4 of 5). NFS Client Messages and Codes 


Exit Code 
1 


12 


19 


27 


50 


55 


Message 


nfsbiod could not be found in the path 


A Biod critical error has occurred 
Please stop all NFSC programs and 
start the programs again 


The server could not find the directory 
specified. 
ERROR FILE NOT FOUND 


The NFS Client is already executing 
(process id:xxx). 


Error: The NFS installed file system is not 
loaded! 

Please add ’ifs=nfs.ifs’ to the 
c:\config.sys file. 


ERROR ACCESS DENIED 


ERROR_INVALID_ ACCESS 


ERROR_INVALID_ ACCESS 


ERROR_WRITE_PROTECT 


A hard error has occurred at the server. 
ERROR_SECTOR_NOT_ FOUND 


The NFSCTL program is probably not 
running. 
ERROR_NOT SUPPORTED 


Device not found at the server. 
ERROR_DEV_NOT EXIST 


Explanation 


The NFS control program could not find NFSBIOD.EXE in 
your path. 


Action: Add the directory containing NFSBIOD.EXE to 
your path. 


The NFS control program could not allocate the pipe 
designated for its use. This could be the result of 
improperly terminating the control program or 
attempting to use the same pipe name in a different 
program. 


Action: Stop and then restart the NFS control program. 
If this does not correct the error, reboot the computer. 


The server could not find the file or directory specified. 


Action: Respecify with the correct file or directory 
name. 


You attempted to start the NFS control program more 
than once. 


You did not add the correct JFS statement for NFS in 
your CONFIG.SYS file. 


Action: Use ICAT to modify your CONFIG.SYS and add 
the proper IFS statement. 


You tried to do a file operation on an invalid file. 
Action: Respecify with the correct file name. 

The file you are attempting to access no longer exists. 
Action: Verify that the file exists. 


You do not have ownership to perform the requested 
operation. 


Action: Check the permission settings at the server. 
You are attempting to write to a read-only file system. 
Action: Use one of the following options. 

¢ Remount the server with read-write permission. 


¢ Check the export method at the server to verify that 
it was exported as a read-write file system. 


A hard error occurred. 
Action: Run the server diagnostics. 
The NFSCTL program is probably not running. 


Action: Start the NFSCTL program, either directly or 
using NFSC. 


-Or- 
The operation you have requested is not supported. 
The device does not exist. 


Action: Verify that the device exists on the server. 
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Exit Code 
60 


80 


85 


100 


100 


112 


145 


206 


267 


Message 


Server timed out. 


ERROR FILE EXISTS 


Drive drive is already attached to the file 
system. 


The buffer size requested (xxx) is larger 
than the supported maximum of (yyy) 


Only one mount request can be issued at a 


time 


ERROR_DISK_FULL 


ERROR DIR NOT EMPTY 


ERROR FILENAME _EXCED_RANGE 


ERROR_DIRECTORY 


Explanation 
The server response timed out. 
Action: Use one of the following options. 
¢ Check the NFS server on the remote machine. 


¢ Unmount all drives, stop the NFS control program, 
and restart the program with a longer time out. 


¢ Verify that the directory you are mounting is valid, 
using the SHOWEXP command. 


The file you specified already exists. 
Action: Respecify with a different file name. 
The drive you are trying to mount is already used. 


Action: Select a different drive. Use the QMOUNT 
command to determine the drives that are in use. 


You started the NFSCTL program with a buffer size (the 
-b option) larger than NFS can handle. 


Action: Use a smaller value for the -b option. 


You attempted to execute two MOUNT commands simul- 
taneously. 


Action: Wait for the first mount to finish before issuing 
another MOUNT command. 


The file is too large, or the file has grown beyond the 
server’s limit. 


Action: Contact your system administrator for more disk 
space. 


You are attempting to remove a directory that is not 
empty. 


Action: Delete all files within the specified directory, 
and try again. 


The file name specified is too long. 


Action: Respecify the file, using the correct format and 
length. 


The operation specified an invalid directory name ina 
directory operation. 


Action: Respecify with a valid directory name. 
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Table 28 (Page 1 of 2). PORTMAP Messages and Codes 


Exit Code Message 

1 Error: Portmap cannot create 
socket 

: Error: portmap cannot bind 

1 Error: could not do tcp_create 

1 Error: could not do udp_ create 

N/A Error: svc_sendreply1 


svc_sendreply1 Set a program, 
version to port mapping 


Explanation 


The sockets socket() procedure did not work in the portmap 
routine. 


Action: See the socket() call in the /BM TCP/IP Version 1.2 
for OS/2: Programmer's Reference for specific errors. The 
socket() call can fail because of a protocol mismatch. The 
sockets may all be in use. Verify that TCP or UDP is oper- 
ating. Verify that memory is available. Domain may be 
incorrectly specified. Run the NETSTAT command with the 
sockets options for more information. Sockets remain 
active for a time-out period after they have been closed. 


The sockets bind() function did not work in the portmap 
routine. The portmap may have been stopped with the 
address still in use. 


Action: Clear the portmap, and reinitiate. The portmap 
workspace may have to be completely reset. See the bind() 
call in the /BM TCP/IP Version 1.2 for OS/2: Programmer’s 
Reference for specific errors. Verify that memory is avail- 
able. The socket descriptor may have been altered by 
another function. Run the NETSTAT command with the 
sockets options for more information. 


The rpc svctcp_create() function did not work in the portmap 
routine. 


Action: See the svcicp_create() call description in the /BM 
TCP/IP Version 1.2 for OS/2: Programmer's Reference for 
information. The socket descriptor may have been altered 
by another function. Verify that memory is available and 
allocated. The socket descriptor may not be available. Run 
the NETSTAT command with the sockets options for more 
information. 


The rpc svcudp create() function did not work in the 
portmap routine. 


Action: See the svcudp_create() call description in the /BM 
TCP/IP Version 1.2 for OS/2: Programmer’s Reference for 
information. The socket descriptor may have been altered 
by another function. Verify that memory is available and 
allocated. The socket descriptor may not be available. Run 
the NETSTAT command with the sockets options for more 
information. 


The rpc svc_sendreply() function did not work in the 
portmap routine when it attempted to return information to 
the caller. 


Action: See the rpc svc_sendreply() call description in the 
IBM TCP/IP Version 1.2 for OS/2: Programmer’s Reference 
for information. The transport handle may have been 
altered by another function. The transport handle may not 
be available. Verify that memory is available and allocated. 
An xdr error may have occurred on the transfer. A socket 
error may have occurred. Test the path with rpcinfo, ping, 
netstat, make changes, and try again. 
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Exit Code 
N/A 


N/A 


N/A 


SENDMAIL—SENDMAIL.ERR Errors 


Message 


Error: svc_sendreply2 
svc_sendreply2 -Remove a 
program, version to port mapping 


Error: svc_sendreply3 
svc_sendreply3 -Lookup the 
mapping for a program, version 


Error: svc_sendreply4 
svc_sendreply4 -Return the current 
set of mapped program, version 


Explanation 


The rpc svc_sendreply() function did not work in the 
portmap routine when it attempted to return information to 
the caller. 


Action: See the rpc svc_sendreply() call description in the 
IBM TCPHP Version 1.2 for OS/2: Programmer’s Reference 
for information. The transport handle may have been 
altered by another function. The transport handle may not 
be available. Verify that memory is available and allocated. 
An xdr error may have occurred on the transfer. A socket 
error may have occurred. Test the path with rpcinfo, ping, 
netstat, make changes, and try again. 


The rpc svc_sendreply() function did not work in the 
portmap routine when it attempted to return information to 
the caller. 


Action: See the rpc svc_sendreply() call description in the 
IBM TCP/IP Version 1.2 for OS/2: Programmer’s Reference 
for information. The transport handle may have been 
altered by another function. The transport handle may not 
be available. Verify that memory is available and allocated. 
An xdr error may have occurred on the transfer. A socket 
error may have occurred. Test the path with rpcinfo, ping, 
netstat, make changes, and try again. 


The rpc svc_sendreply() function did not work in the 
portmap routine when it attempted to return information to 
the caller. 


Action: See the rpc svc_sendreply() call description in the 
IBM TCPIHIP Version 1.2 for OS/2: Programmer’s Reference 
for information. The transport handle may have been 
altered by another function. The transport handle may not 
be available. Verify that memory is available and allocated. 
An xdr error may have occurred on the transfer. A socket 
error may have occurred. Test the path with rpcinfo, ping, 
netstat, make changes, and try again. 


The following are errors that can be found in the ETC\SENDMAIL.ERR file. 


Table 29 (Page 7 of 2). Sendmail Messages and Codes 


Exit Code 
N/A 


Message 


Cannot send mail 


Explanation 


Warning message. The recipient host’s SMTP is down or 
cannot be reached through the network. 


Action: No action to be taken. Sendmail automatically 
stores the mail in the MQUEUE and tries the delivery again, 
based on the time you specified using the -qtime param- 
eter. If the problem persists for several days, verify that the 
note is correct by checking the data files in the MQUEUE 
directory. You can either make corrections to the date files 
or delete them. 
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Exit Code Message 

N/A Timed out waiting for hostname 

N/A Line number: invalid rewrite line 

N/A Cannot change drive 

N/A getrequests: cannot bind 

N/A fopen to inbox.ndx failed, 
inbox.ndx locked 

N/A Sendmail gave up trying to open 


inbox.ndx, mailfile delivered, inbox 
not updated 


Explanation 


Warning message. The connection to another SMTP server 
was lost. 


Action: No action to be taken. Sendmail and other SMTP 
servers automatically try to deliver the mail again. 


The rewrite rule in the ETC\SENDMAIL.CF file on the speci- 
fied line is incorrectly formed. 


Action: Edit the ETC\SENDMAIL.CF configuration file and 
correct the line. The three separate fields must be sepa- 
rated by tabs, not spaces. If you have a large number of 
these errors in your file, you probably used an editor that 
converts tabs to spaces, and have introduced a large 
number of errors into your configuration file. If you are 
unable to recover the changes, restore an older version of 
the SENDMAIL.CF file from the backups in the ETC directory 
or from the product disks. 


Sendmail is unable to access either the MAIL or MQUEUE 
subdirectories. 


Action: Search the ETC\SENDMAIL.CF configuration file to 
find the MAIL and MQUEUE subdirectories that Sendmail 
expects to find. These directories are specified by the OQ 
and Miocal parameters, respectfully. Verify that these 
directories exist and that Sendmail has write access to 
them. 


Sendmail cannot bind to port 25, the port reserved for 
SMTP. This occurs if Sendmail is already running, or if 
Sendmail has previously terminated with an error and the 
port was not freed. 


Action: Verify that Sendmail is not already running. If port 
25 cannot be freed, reboot the machine. 


Sendmail cannot open the MAIL\INBOX.NDX file, because it 
is in use by another application, usually LaMail. 


Action: Normally, the problem corrects itself, as the other 
application finishes accessing the INBOX.NDxX file and 
allows Sendmail to update it. If the problem persists, the 
INBOX.NDX file may have become corrupted and must be 
erased. If the INBOX.NDX file must be erased, manually 
read the remaining mail in the MAIL directory to prevent the 
loss of information. 


Sendmail is unable to open the MAIL\INBOX.NDxX file 
because it is in use by another application, usually LaMail. 


Action: Normally, the problem corrects itself, as the other 
application finishes accessing the INBOX.NDxX file and 
allows Sendmail to update it. If the problem persists, the 
INBOX.NDX file may have become corrupted and needs to 
be erased. If the INBOX.NDX file needs to be erased, manu- 
ally read the remaining mail in the MAIL directory to 
prevent the loss of information. 
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SENDMAIL—Exit Codes 


The following are exit codes returned by Sendmail. 


Table 30 (Page 1 of 2). Sendmail Messages and Codes 


Exit Code 
64 


65 


66 


67 


68 


69 


70 


72 


73 


15 


Message 


Command line usage error 


Data format error 


Cannot open input 


Addressee unknown 


Host name unknown 


Service unavailable 


Internal software error 


Critical OS file missing 


Can’t create (user) output file 


Temp failure; user is invited to 
retry 


Explanation 


The command was used incorrectly. For example, the 
command used the wrong number of arguments, an invalid 
flag, or incorrect syntax. 


Action: Verify the command you entered, correct if neces- 
sary, and try again. 


The input data was incorrect. The data you entered should 
be used only as user’s data, not as system files. 


Action: The mail file you are trying to send is in the wrong 
format. Verify the format, correct if necessary, and try 
again. 


An input mail file does not exist or cannot be read. This 
error could also include errors, such as “No message” to a 
mailer. 


Action: Verify the file name of the input file, correct if nec- 
essary, and try again. 


The user you specified does not exist. 


Action: Verify the target user ID, correct if necessary, and 
try again. 


The host you specified does not exist. This message occurs 
for mail addresses or network requests. 


Action: Check the target host to see if it is defined in the 
HOSTS file or name server. 


A service is unavailable. This message occurs if a support 
program or file does not exist, or it occurs as a general 
message when some task you wanted to perform does not 
work. 


Action: Please make a note of the circumstances and 
contact IBM support. 


An internal software error has been detected. This 
message should be limited to non-operating system errors. 


Action: Please make a note of the circumstances and call 
IBM support. 


A system file does not exist or cannot be opened. 


Action: Verify that the SENDMAIL.CF and SERVICES files 
exist in your ETC directory. 


An output file you specified cannot be created. For 
example, you cannot open a file when receiving mail, your 
disk is full, or a file is read-only. 


Action: 


This is a temporary failure. For example, a mailer could not 
create a connection. 


Action: You should try to send the mail again. 
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Exit Code 
76 


SNMP 


Message 


Remote error in protocol 


Table 31. SNMP Messages and Codes 


Exit Code 
N/A 


N/A 


N/A 


N/A 


N/A 


TALK 


Message 


Unknown SNMP request type 


arptbl_ setup:cannot get memory 
for arptblp1 


iftable setup:cannot get memory 
for ifp 


if addrsetup:cannot get memory 
for ipadr1 


iproute_setup:cannot get memory 
for iprouteptr 


Table 32. TALK Messages and Codes 


Exit Code 
N/A 


N/A 


Message 


talk: hostname: 


talk: host: invalid host name 


Explanation 


The remote system attempted an impossible task during a 
protocol exchange. 


Action: Verify that the target host is working correctly. 


Explanation 
There are only three SNMP request types: 


e snmp_get 
¢ snmp_getnext 
* snmp_set. 


Action: Verify that you have entered a valid type. 


In file MIB_AT.C, the c function calloc() allocates storage for 
the data structure arp_ent. 


Action: Run fewer applications, and restart the application 
that failed. 


In file MIB_INTE.C, the c function calloc() allocates storage 
for the data structure /f_ent. 


Action: Run fewer applications, and restart the application 
that failed. 


In file MIB_IPAD.C, the c function calloc() allocates storage 
for the data structure ipadr_ent. 


Action: Run fewer applications, and restart the application 
that failed. 


In file MIB_IPRO.C, the c function calloc() allocates storage 
for the data structure /proute_ent. 


Action: Run fewer applications, and restart the application 
that failed. 


Explanation 


Your HOSTNAME environment variable is defined as 
hostname, which cannot be resolved. 


Action: Define hostname in your HOSTS file or name 
server. 


The host is probably valid, but it cannot be resolved. 


Action: Define the host in your HOSTS file or name server. 
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Teinet Server 


Table 33. Telnet Server Messages and Codes 


Exit Code 


N/A 


N/A 


N/A 


232 


Message 


Invalid password. 


Telnetd: panic state = state 


Unable to start up a Telnet Session 
to service the client 


Unable to start shell specified in 
COMSPEC variable in config.sys! 


Login failure: {Hard error abort 
Trap operation 
DosKillProcess 
Unknown Failure} 


Could NOT execute login.exe 
command! 


Explanation 
You entered an invalid password. 


Action: Contact your system administrator for password 
information. 


The Telnet state machine is in an unknown state. 


Action: Verify the communication parameters between 
client and server. For example, SYNC and FLUSH. 


The server was unable to start up a session to process the 
connecting clients requests. This is usually because the 
server host has run out of resources. 


The telnet server was unable to start up a command 
processor as specified by the COMSPEC environment vari- 
able. 


Action: Check your config.sys to verify the value of this 
environment variable. 


An unusual error occured during a client login. 


Action: Verify that the correct login.exe in the TCPIP\BIN 
directory is the login that is being run (verify that this is the 
first executable with the name ‘login’ in your PATH). 


The server was unable to run the login program to allow 
clients access. 


Action: Verify that your PATH environment variable is 
correct. 
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Appendix G. Sample BOOTPTAB File 


This appendix contains a sample BOOTPTAB file. 


# tcpip\etc\bootptab: database for bootp server BOOTPD 
# Blank lines and lines beginning with '#' are ignored. 


# 

# Legend: 

# 

# first field -- hostname 

# (may be full domain name and probably should be) 

# 

# bf -- bootfile 

# ds -- domain name server address list 

# gw -- gateway address list 

# ha -- host hardware address (follows ht) (hexadecimal) 
# hd -- home directory 

# hn -- send host name (boolean tag) 

# ht -- host hardware type (precedes ha) (ethernet, ether) 
# ip -- host IP address 

# sm -- subnet mask 

# tc -- template host (points to similar host entry) 


Be careful about including backslashes where they're needed. 
Strange things can happen when a backslash is 
omitted where one is intended. 


SHe SH OR OF HE 


# First, we define a global entry which specifies the info every 
# host uses. ***Make changes here*** 


global.dummy: \ 
:sm=255.255.224.0:\ 
:hd=/bootpd/trypd:bf=null:\ 
:ds=9.67.30.100 9.67.30.99: 


# Then information specific to a subnet. ***Make changes here*** 


subnet6Q. dummy : \ 
:tc=global .dummy:gw=9.67.60.129 
subnet22. dummy: \ 
:tc=global.dummy:gw=9.67.22.2 


# Finally, individual host information that needs to be changed. 
# ***Make changes here*** 


ricky.tcp.raleigh.ibm.com: tc=subnet60.dummy: ht=ethernet:\ 
ha=10005a25095e: ip=9.67.60.131: hn: 

maggie.tcp.raleigh.ibm.com: tc=subnet6Q.dummy: ht=ethernet:\ 
ha=10005a6d1877: ip=9.67.60.131: hn: 

pete.tcp.raleigh.ibm.com: tc=subnet22.dummy: ht=ethernet:\ 
ha=10005a2blef0: ip=9.67.30.70: hn: 

homer.tcp.raleigh.ibm.com: tc=subnet22.dummy: ht=ethernet:\ 
ha=10005a251419: ip=9.67.60.70: hn: 
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Appendix H. Related Protocol Specifications 


IBM is committed to industry standards. The internet protocol suite is still evolving 
through Requests for Comments (RFC). New protocols are being designed and 
implemented by researchers, and are brought to the attention of the internet com- 
munity in the form of RFCs. Some of these are so useful that they become a recom- 
mended protocol. That is, all future implementations for TCP/IP are recommended 
to implement this particular function or protocol. These become the de facto stand- 
ards, on which the TCP/IP protocol suite is built. 


Many features of TCP/IP for OS/2 are based on the following RFCs: 


RFC 
768 
783 
791 
192 
193 
821 
822 
823 
826 


854 
856 
857 
877 


885 
919 
922 
950 
951 
952 
959 
974 
1013 
1014 


1034 
1035 
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Title and Author 

User Datagram Protocol, J.B. Postel 

Trivial File Transfer Protocol, (Revision 2), K.R. Sollins 

Internet Protocol, J.B. Postel 

Internet Control Message Protocol, J.B. Postel 

Transmission Control Protocol, J.B. Postel 

Simple Mail Transfer Protocol, J.B. Postel 

Standard for the Format of ARPA Internet Text Messages, D. Crocker 
DARPA Internet Gateway, R.M. Hinden, A. Sheltzer 


Ethernet Address Resolution Protocol: or Converting Network Protocol 
Addresses to 48.Bit Ethernet Address for Transmission on Ethernet 
Hardware, D.C. Plummer 


Telnet Protocol Specification, J.B. Postel, J.K. Reynolds 
Telnet Binary Transmission, J.B. Postel, J.K. Reynolds 
Telnet Echo Option, J.B. Postel, J.K. Reynolds 


Standard for the Transmission of !P Datagrams over Public Data Networks, 
J.T. Korb 


Telnet End of Record Option, J.B. Postel 

Broadcasting Internet Datagrams, J.C. Mogul 

Broadcasting Internet Datagrams in the Presence of Subnets, J.C. Mogul 
Internet Standard Subnetting Procedure, J.C. Mogul, J.B. Postel 

Bootstrap Protocol, W.J.Croft, J. Gilmore 

DoD Internet Host Table Specification, K. Harrenstien, M.K. Stahl, E.J. Feinler 
File Transfer Protocol, J.B. Postel, J.K. Reynolds 

Mail Routing And The Domain Name System, C. Partridge 

X Window System Protocol, Version 11: Alpha Update, R.W. Scheifler 


XDR: External Data Representation Standard, Sun Microsystems Incorpo- 
rated 


Domain Names—Concepts and Facilities, P.V. Mockapetris 


Domain Names—/Implementation and Specification, P.V. Mockapetris 
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1055 


1057 


1058 
1060 
1084 
1091 
1094 


1118 
1122 
1123 


1155 


1157 


1179 


1180 
1187 
1200 


1206 


1207 


1208 
1213 


Nonstandard for Transmission of IP Datagrams Over Serial Lines: SLIP, J.L. 
Romkey 


RPC: Remote Procedure Call Protocol Version 2 Specification, Sun Microsys- 
tems Incorporated 


Routing Information Protocol, C.L. Hedrick 

Assigned Numbers, J.K. Reynolds, J.B. Postel 
BOOTP vendor information extensions, J.K. Reynolds 
Telnet Terminal-Type Option, J. VanBokkelen 


NFS: Network File System Protocol Specification, Sun Microsystems Incorpo- 
rated. 


Hitchhikers guide to the Internet, E. Krol 
Requirements for Internet Hosts—Communication Layers, R.T. Braden, editor 


Requirements for Internet Hosts—Application and Support, R.T. Braden, 
editor 


Structure and Identification of Management Information for TCP/IP-Based 
Internets, M.T. Rose, K. McCloghrie 


Simple Network Management Protocol (SNMP), J.D. Case, M. Fedor, M.L. 
Schoffstall, C. Davin 


Line Printer Daemon Protocol, The Wollongong Group, L. McLaughlin Ill, 
editor 


TCP/IP Tutorial, T.J. Socolofsky, C.J. Kale 
Bulk Table Retrieval with the SNMP. 


Defense Advanced Research Projects Agency, Internet Activities Board [AB 
official protocol standards. 


FY! on Questions and Answers: Answers to commonly asked “new Internet 
user” questions,, G.S. Malkin, A.N. Marine 


FYI on Questions and Answers: Answers to commonly asked “experienced 
Internet user” questions,, G.S. Malkin, A.N. Marine, J.K. Reynolds 


Glossary of networking terms,, O.J. Jacobsen, D.C. Lynch 


Management information Base for network management of TCP/IP-based 
internets:MIB-II, K. McCloghrie, M.T.Rose, editors 


These documents can be obtained from: 


SRI International 

Network Information Systems Center 
Room EJ291 

333 Ravenswood Avenue 

Menlo Park, CA. 94025 


Many RFCs are available online. Hard copies of all RFCs are available from the 
NIC, either individually or on a subscription basis. Online copies are available 
using FTP from the NIC at nic.ddn.mil. Use FTP to download the files, using the 
following format: 


RFC: RFC- INDEX. TXT 


RFC:RFCnnnn. TXT 
RFC:RFCnnnn.PS 
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Where: 


nnnn Is the RFC number. 
TXT Is the text format. 
PS Is the PostScript format. 


You can also request RFCs through electronic mail, from the automated NIC mail 
server, by sending a message to service@nic.ddn.mil with a subject line of RFC nnnn 
for text versions or a subject line of RFC nnnn.PS for PostScript versions. To request 
a copy of the RFC index, send a message with a subject line of RFC INDEX. 


For more information, contact nic@nic.ddn.mil. 
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Glossary 


This glossary describes the most common terms asso- 
ciated with TCP/IP communication in an internet envi- 
ronment, as used in this book. 


If you do not find the term you are looking for, see /BM 
Dictionary of Computing, SC20-1699. 


This glossary includes some terms from /BM Dictionary 
of Computing. 


For abbreviations, the definition usually consists only of 
the words represented by the letters; for complete defi- 
nitions, see the entries for the words. 


A 


ABEND. The abnormal termination of a program or 
task. 


accelerator key. A key or combination of keys that 
invokes an application-defined function. Also known as 
a function key. 


action bar. The highlighted area at the top of a panel 
that contains the choices currently available in the 
application program that a user is running. 


active open. The state of a connection that is actively 
seeking a service. Contrast with passive open. 


adapter. (1) A piece of hardware that connects a com- 
puter and an external device. (2) An auxiliary device 
or unit used to extend the operation of another system. 


address. The unique code assigned to each device or 
workstation connected to a network. A standard 
internet address is a 32-bit address field. This field can 
be broken into two parts. The first part contains the 
network address; the second part contains the host 
number. 


Address Resolution Protocol (ARP). A protocol used to 
dynamically bind an internet address to a hardware 
address. ARP is implemented on a single physical 
network and is limited to networks that support broad- 
cast addressing. 


agent. As defined in the SNMP architecture, an agent, 
or an SNMP server is responsible for performing the 
network management functions requested by the 
network management stations. 


American National Standard Code for Information Inter- 
change (ASCII). (1) The standard code, using a coded 
character set consisting of 7-bit coded characters (8 
bits including parity check), used for information inter- 
change among data processing systems, data commu- 
nication systems, and associated equipment. The 
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ASCII set consists of control characters and graphic 
characters. (2) The default file transfer type for FTP, 
used to transfer files that contain ASCII text characters. 


American National Standards Institute (ANSI). An 
organization consisting of producers, consumers, and 
general interest groups, that establishes the proce- 
dures by which accredited organizations create and 
maintain voluntary industry standards in the United 
States. 


ANSI. American National Standards Institute 


application. The use to which an information proc- 
essing system is put, for example, a payroll applica- 
tion, an airline reservation application, a network 
application. 


argument. A parameter passed between a calling 
program and acalled program. 


ARP. Address Resolution Protocol. 


ASCII. American National Standard Code for Informa- 
tion Interchange. 


asynchronous. Without regular time relationship; 
unexpected or unpredictable with respect to the exe- 
cution of program instruction. See synchronous. 


attribute. A characteristic or property. For example, 
the color of a line, or the length of a data field. 


authentication server. The service that reads a 
Kerberos database to verify that a client making a 
request for access to an end-service is the client 
named in the request. The authentication server pro- 
vides an authenticated client a ticket as permission to 
access the ticket-granting server. 


authenticator. Information encrypted by a Kerberos 
authentication server that a client presents along witha 
ticket to an end-server as permission to access the 
service. 


authorization. The right granted to a user to communi- 
cate with, or to make use of, a computer system or 
service. 


backbone. (1) In alocal area network multiple-bridge 
ring configuration, a high-speed link to which rings are 
connected by means of bridges. A backbone can be 
configured as a bus or as aring. (2) In a wide area 
network, a high-speed link to which nodes or data 
switching exchanges (DSES) are connected. 
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batch. (1) An accumulation of data to be processed. 
(2) A group of records or data processing jobs brought 
together for processing or transmission. (3) Pertaining 
to activity involving little or no user action. See inter- 
active. 


block. A string of data elements recorded, processed, 
or transmitted as a unit. The elements can be charac- 
ters, words, or physical records. 


Boolean. A value of 0 or 1 represented internally in 
binary notation. 


bridge. A router that connects two or more networks 
and forwards packets among them. The operations 
carried out by a bridge are done at the physical layer 
and are transparent to TCP/IP and TCP/IP routing. 


broadcast. The simultaneous transmission of data 
packets to all nodes on a network or subnetwork. 


broadcast address. An address that is common to all 
nodes on a network. 


bus topology. A network configuration in which only 
one path is maintained between stations. Any data 
transmitted by a station is concurrently available to all 
other stations on the link. 


button. (1) A mechanism on a pointing device, such as 
a mouse, used to request or initiate an action. (2) A 
rounded-corner rectangle with text inside, used in 
graphics applications for actions that occur when the 
pushbutton is selected. 


C 


case-sensitive. A condition in which entries for an 
entry field must conform to a specific lower -, upper -, 
or mixed-case format in order to be valid. 


checksum. The sum of a group of data associated with 
the group and used for checking purposes. 


Class A network. An internet network in which the 
high-order bit of the address is 0. The host number 
occupies the three low-order octets. 


Class B network. An internet network in which the 
high-order bit of the address is 1 and the next 
high-order bit is 0. The host number occupies the two 
low-order octets. 


Class C network. An internet network in which the two 
high-order bits of the address are 1 and the next 
high-order bit is 0. The host number occupies the 
low-order octet. 


click. To press and release the select button ona 
mouse. 


client. A function that requests services from a server, 
and makes them available to the user. 


client-server relationship. A device that provides 
resources or services to other devices on a network is 
a server. A device that employs the resources pro- 
vided by a server is a client. 


clipboard. A temporary storage area used for copying 
and storing data. 


CMS. Conversational Monitor System 


command. The name and any parameters associated 
with an action that can be performed by a program. 

The command is entered by the user; the computer per- 
forms the action requested by the command name. 


command prompt. A displayed symbol, such as [C:\] 
that requests input from a user. 


Communications Manager. A component of OS/2 that 
allows a workstation to connect to a host computer and 
use the host resources as well as the resources of 
other personal computers to which the workstation is 
attached, either directly or through a host. 


community name. The name ofa group of hosts that 
share SNMP management network information. 


compile. (1) To translate a program written ina 
high-level language into a machine language program. 
(2) The computer actions required to transform a 
source file into an executable object file. 


Compiler. A program that translates a source program 
into an executable program (an object program). 


CONFIG.SYS. A file that contains the configuration 
options for an OS/2 personal computer. 


configuration file. For the base operating system, the 
CONFIG.SYS file that describes the devices, system 
parameters, and resource options of a personal com- 
puter. 


connection. (1) An association established between 
functional units for conveying information. (2) The path 
between two protocol modules that provides reliable 
stream delivery service. In an internet, a connection 
extends from a TCP module on one machine to a TCP 
module on the other. 


conversational monitor system (CMS). A virtual 
machine operating system that provides general inter- 
active time sharing, problem solving, and program 
development capabilities, and operates only under 
control of the VM/370 VM control program. 
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D 


daemon. A background process usually started at 
system initialization that runs continuously and per- 
forms a function required by other processes. 


datagram. The basic unit of information that is passed 
across the internet, it consists of one or more data 
packets. 


data set. The major unit of data storage and retrieval 
in MVS, consisting of a collection of data in one of 
several prescribed arrangements and described by 
control information to which the system has access. 
Synonymous with fife in VM and OS/2. 


default. A value, attribute or option that is assumed 
when none is explicitly specified. 


destination node. The node to which a request or data 
is sent. 


dialog box. A movable window, fixed in size, which 
provides information that is required by an application 
to continue your request. 


directory. A named grouping of files in a file system. 


Distributed Program Interface. The SNMP DPI is a pro- 
gramming interface that provides an extension to the 
functionality provided by the SNMP agents. 


DLL. Dynamic Link Library 
DNS. Domain Name System 


domain. In an internet, a part of the naming hierarchy. 
Syntactically, a domain name consists of a sequence of 
names (labels) separated by periods (dots). 


Domain Name System. A system in which a resolver 
queries name servers for resource records about a 
host. 


domain naming. A hierarchical system for naming 
network resources. 


dotted-decimal notation. The syntactic representation 
for a 32-bit integer that consists of four 8-bit numbers, 
written in base 10 and separated by periods (dots). 
Many internet application programs accept dotted 
decimal notations in place of destination machine 
names. 


double-precision. A specification that causes a 
floating-point value to be stored internally in the long 
format. 


DPI. Distributed Program Interface. 
dragging. Moving an object on the display screen as if 


it were attached to the pointer, or mouse; performed by 
holding the select button and moving the pointer. 


drive. The device used to read and write data on disks 
or diskettes. 


dynamic link library (DLL). A module containing 
dynamic link routines that is linked at load or run time. 


E 


EBCDIC. Extended binary-coded decimal interchange 
code. 


encapsulation. A process used by layered protocols in 
which a lower level protocol accepts a message from a 
higher level protocol and places it in the data portion of 
the low level frame. 


entry field. A panel element, usually highlighted in 
some manner and usually with its boundaries indi- 
cated, where users type in information. 


Ethernet. The name given to a local area 
packet-switched network technology invented in the 
early 1970s by Xerox Incorporated. Ethernet uses a 
Carrier Sense Multiple Access/Collision Detection 
(CSMA/CD) mechanism to send packets. 


extended binary-coded decimal interchange code 
(EBCDIC). A coded character set consisting of 8-bit 
coded characters. 


eXternal Data Representation (XDR). A standard 


developed by SUN Microsystems Incorporated for 
representing data in machine-independent format. 


F 


file. In VM and OS/2, a named set of records stored or 
processed as a unit. Synonymous with data set in 
MVS. 


File Transfer Protocol (FTP). A TCP/IP protocol used 
for transferring files to and from foreign hosts. FTP 
also provides the capability to access directories. 
Password protection is provided as part of the protocol. 


folder. In LaMail, a collection of mail files that share a 
common attribute, such as userid, location, or subject. 


foreign host. Any host on the network including the 
local host. 


foreign network. In an internet, any other network 
interconnected to the local network by one or more 
intermediate gateways or routers. 

foreign node. See foreign host. 


FTAM. File Transfer Access and Management. 


FTP. File Transfer Protocol. 
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gateway. (1) A functional unit that interconnects a 
local data network with another network having dif- 
ferent protocols. (2) A host that connects a TCP/IP 
network to a non-TCP/IP network at the application 
layer. See also router. 


H 


handle. A temporary data representation that identi- 
fies a file. 


header file. A file that contains constant declarations, 
type declarations, and variable declarations and 
assignments. Header files are supplied with all pro- 
gramming interfaces. 


High Performance File System (HPFS). An installable 
file system (IFS) designed to provide better perform- 
ance than the existing file allocation table (FAT) based 
file system. HPFS is designed to provide extremely fast 
access to very large disk volumes. 


hop count. The number of hosts through which a 
packet passes on its way to its destination. 


host. A computer connected to a network, which pro- 
vides an access method to that network. A host pro- 
vides end-user services. 


HPFS. High Performance File System 


ICAT (installation Configuration Automation Tool). 
TCP/IP for OS/2 provides this application for installing 
and configuring TCP/IP for OS/2. 


ICMP. Internet Control Message Protocol. 

IEEE. Institute of Electrical and Electronic Engineers. 
include file. A file that contains preprocessor text, 
which is called by a program, using a standard pro- 


gramming call. Synonymous with header file. 


installation. The process of placing one or more OS/2 
components on a personal computer's fixed disk. 


instance. One of the three parts of a Kerberos name. 
Instance specifies the machine on which a service is 
run. 


Institute of Electrical and Electronic Engineers (IEEE). 
An electronics industry organization. 


Integrated Services Digital Network (ISDN). A digital 
end-to-end telecommunication network that supports 
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multiple services including, but not limited to, voice 
and data. 


interactive. Pertaining to a program or a system that 
alternately accepts input and then responds. An inter- 
active system is conversational, that is, a continuous 
dialog exists between user and system. See batch. 


International Organization for Standardization (ISO). 
An organization of national standards bodies from 
various countries established to promote development 
of standards to facilitate international exchange of 
goods and services, and develop cooperation in intel- 
lectual, scientific, technological, and economic activity. 


internet or internetwork. A collection of packet 
switching networks interconnected by gateways, 
routers, bridges, and hosts to function as a single, 
coordinated, virtual network. 


internet address. The unique 32-bit address identifying 
each node in an internet. See also address. 


internet Control Message Protocol (ICMP). The part of 
the Internet Protocol layer that handles error messages 
and control messages. 


internet Protocol (IP). The TCP/IP layer between the 
higher level host-to-host protocol and the local network 
protocols. IP uses local area network protocols to 
carry packets, in the form of datagrams, to the next 
gateway, router, or destination host. 


interoperability. The capability of different hardware 
and software by different vendors to effectively commu- 
nicate together. 

IP. Internet Protocol. 


ISDN. Integrated Services Digital Network. 


ISO. International Organization for Standardization. 


K 


Kerberos Authentication System. An authentication 
mechanism used to check authorization at the user 
level. 


L 


LaMail. The client that communicates with the OS/2 
Presentation Manager to manage mail on the network. 


LAN. Local area network. 
Line printer daemon (LPD). The remote printer server 
that allows other hosts to print on a printer local to your 


host. 


Line Printer Protocol. A TCP/IP protocol used for 
printing files on printers attached to remote hosts. 


es 


local area network (LAN). A data network located on 
the user’s premises in which serial transmission is 
used for direct data communication among data 
stations. 


local host. In an internet, the computer to which a 
user’s terminal is directly connected without using the 
internet. 


local network. The portion of a network that is phys- 
ically connected to the host without intermediate gate- 
ways or routers. 


Logical ANDing. When the Boolean operator AND is 
applied to two bits, the result is one when both bits are 
one; otherwise, the result is zero. When two bytes are 
ANDed, each pair of bits is handled separately; there is 
no connection from one bit position to another. 


LPD. Line printer daemon. 


LPR. Aclient command that allows the local host to 
submit a file to be printed on a remote print server. 


Management Information Base (MIB). A standard used 
to define SNMP objects, such as packet counts and 
routing tables, that are ina TCP/IP environment. 


mapping. The process of relating internet addresses 
to physica! addresses in the network. 


MARK. A Presentation Manager function that marks a 
section of text to be copied or cut. 


marshall. To copy data into an RPC packet. Stubs 
perform marshalling. See also unmarshall. 


mask. (1) A pattern of characters used to control 
retention or elimination of portions of another pattern of 
characters. (2) To use a pattern of characters to 
control retention or elimination of another pattern of 
characters. (3) A pattern of characters that controls 
the keeping, deleting, or testing of portions of another 
pattern of characters. 


menu. A type of panel that consists of one or more 
selection fields. 


menu item. A selection item on a pull-down menu. 
MIB. Management Information Base. 


mouse. A device that is used to move a pointer on the 
screen and select items. 


multitasking. A mode of operation that provides for the 
concurrent performance execution of two or more 
tasks. 


MVS. Multiple Virtual Storage. 





N 


name server. The server that stores resource records 
about hosts. 


NCP. Network Control Program. 
NCS. Network Computing System. 


network. An arrangement of nodes and connecting 
branches. Connections are made between data 
Stations. 


network adapter. A physical device, and its associated 
software, that enables a processor or controller to be 
connected to a network. 


network administrator. The person responsible for the 
installation, management, control, and configuration of 
a network. 


Network Computing System (NCS). Network Com- 
puting System. A set of software components devel- 
oped by Apollo ihat conform to the Network Computing 
Architecture (NCA). NCS is made up of two parts: the 
nid! Compiler and Network Computing Kernel (NCK). 


network control program (NCP). An IBM-licensed 
program that provides communication controller 
support for single-domain, multiple-domain, and inter- 
connected network capability. 


network elements. As defined in the SNMP architec- 
ture, network elements are gateways, routers, and 
hosts that contain management agents responsible for 
performing the network management functions 
requested by the network management stations. 


network file system (NFS). The NFS protocol, which 
was developed by Sun Microsystems Incorporated, 
allows computers in a network to access each other’s 
file systems. Once accessed, the file system appears 
to reside on the local host. 


network management stations. As defined in the 
SNMP architecture, network management stations, or 
SNMP clients, execute management applications that 
monitor and control network elements. 


NFS. Network file system. 
node. (1) In anetwork, a point at which one or more 
functional units connect channels or data circuits. 


(2) In a network topology, the point at an end of a 
branch. 
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octet. A byte composed of eight binary elements. 


open system. A system with specified standards and 
that therefore can be readily connected to other 
systems that comply with the same standards. 


Open Systems Interconnection (OSI). (1) The intercon- 
nection of open systems in accordance with specific 
ISO standards. (2) The use of standardized procedures 
to enable the interconnection of data processing 
systems. 


OS/2. Operating System/2. 


OSI. Open Systems Interconnection. 


p 


packet. A sequence of binary digits, including data 
and control signals, that is transmitted and switched as 
a composite whole. 


parameter. A variable that is given a constant value 
for a specified application. 


parse. To analyze the operands entered witha 
command. 


passive open. The state of a connection that is pre- 
pared to provide a service on demand. Contrast with 
active open. 


path. The course or route of drives and subdirectories 
leading from the root directory and drive of an oper- 
ating system to where files or data information are 
stored. 


PC. Personal computer. 


PC Network. A low-cost broadband network that 
allows attached IBM personal computers, such as IBM 
5150 Personal Computers, IBM Computer ATs, IBM 
PC/XTs, and IBM Portable Personal Computers to com- 
municate and to share resources. 


PDU. Protocol Data Units 


peer-to-peer. In network architecture, any functional 
unit that resides in the same layer as another entity. 


PING. The command that sends an ICMP Echo 
Request packet to a gateway, router, or host with the 
expectation of receiving a reply. 


piping. in advanced DOS, a feature that allows the 
output of a program as it is displayed on the screen to 
be used as input to another program without reentering 
the data on the keyboard. 


port. (1) An endpoint for communication between 
devices, generally referring to a logical connection. 
(2) A 16-bit number identifying a particular Trans- 
mission Control Protocol or User Datagram Protocol! 
resource within a given TCP/IP node. 


PORTMAP. Synonymous with Portmapper. 


Portmapper. A program that maps client programs to 
the port numbers of server programs. Portmapper is 
used with Remote Procedure Call (RPC) programs. 


Presentation Manager. A component of OS/2 that pro- 
vides a complete graphics-based user interface, with 
pull-down windows, action bars, and layered menus. 


principal name. One of the three parts of a Kerberos 
name. Principal name specifies the name of a user or 
service. 


process. (1) A unique, finite course of events defined 
by its purpose or by its effect, achieved under defined 
conditions. (2) Any operation or combination of oper- 
ations on data. (3) A function being performed or 
waiting to be performed. (4) A program in operation; 
for example, a daemon is a system process that is 
always running on the system. 


protocol. A set of semantic and syntactic rules that 
determines the behavior of functional units in achieving 
communication. Protocols can determine low-level 
details of machine-to-machine interfaces, such as the 
order in which bits from a byte are sent; they can also 
determine high-level exchanges between application 
programs, such as file transfer. 


Protocol Data Unit (PDU). A set of commands used by 
the SNMP agent to request management station data. 


protocol suite. A set of protocols that cooperate to 
handle the transmission tasks for a data communi- 
cation system. 


pull-down. An extension of the action bar that displays 
a list of choices that are available for a selected action 
bar choice. 


R 


RAM. Random Access Memory. 


Random Access Memory (RAM). A memory device 
into which data is entered and from which data is 
retrieved in a nonsequential manner. 


RARP. Reverse Address Resolution Protocol. 


realm. One of the three parts of a Kerberos name. 
Realm specifies the service that provides 
authentication for the principal name. Realm can also 
specify the name of an administrative entry that is 
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responsible for its own database on its own Kerberos 
machine. 


Remote Execution Protocol (REXEC). A protocol that 
allows the execution of a command or program ona 
foreign host. The local host receives the results of the 
command execution. This protocol uses the REXEC 
command. 


remote host. Any foreign host, not including the local 
host. 


remote logon. The process by which a terminal user 
establishes a terminal session with a remote host. 


Remote Procedure Call (RPC). A facility that a client 

uses to request the execution of a procedure call from 
aserver. This facility includes a library of procedures 
and an external data representation. 


Request For Comments (RFC). A series of documents 
that covers a broad range of topics affecting internet- 
work communication. Some RFCs are established as 
internet standards. 


resolver. A program or subroutine that obtains infor- 
mation from a name server or local table for use by the 
calling program. 


resource records. Individual records of data used by 
the Domain Name System. Examples of resource 
records include the following: a host's Internet Protocol 
addresses, preferred mail addresses, and aliases. 


return code. (1) A code used to influence the exe- 
cution of succeeding instructions. (2) A value returned 
to a program to indicate the results of an operation 
requested by that program. 


Reverse Address Resolution Protocol (RARP). A pro- 
tocol that maintains a database of mappings between 
physical hardware addresses and IP addresses. 


REXEC. Remote Execution Protocol. 
RFC. Request For Comments. 
RIP. Routing Information Protocol. 


router. A device that connects networks at the ISO 
Network Layer. A router is protocol-dependent and 
connects only networks operating the same protocol. 
Routers do more than transmit data; they also select 
the best transmission paths and optimum sizes for 
packets. In TCP/IP, routers operate at the Internetwork 
layer. See also gateway. 


Routing Information Protocol (RIP). The protocol that 
maintains routing table entries for gateways, routers, 
and hosts. 


routing table. A list of network numbers and the infor- 
mation needed to route packets to each. 


RPC. Remote Procedure Call. 


S 


Sendmail. The OS/2 mail server that uses Simple Mail 
Transfer Protocol to route mail from one host to 
another host on the network. 


serial line. A network media that is a de facto 
standard, not an international standard, commonly 
used for point-to-point TCP/IP connections. Generally, 
a serial line consists of an RS-232 connection into a 
modem and over a telephone line. 


server. A function that provides services for users. A 
machine can run client and server processes at the 
same time. 


Simple Mail Transfer Protocol (SMTP). A TCP/IP appli- 
cation protocol used to transfer mail between users on 
different systems. SMTP specifies how mail systems 
interact and the format of control messages they use to 
transfer mail. 


Simple Network Management Protocol (SNMP). A pro- 
tocol that allows network management by elements, 
such as gateways, routers, and hosts. This protocol 
provides a means of communication between network 
elements regarding network resources. 


SMI. Structure for Management Information. 
SMTP. Simple Mail Transfer Protocol. 
SNMP. Simple Network Management Protocol. 


socket. (1) An endpoint for communication between 
processes or applications. (2) A pair consisting of TCP 
port and IP address, or UDP port and IP address. 


socket interface. An application interface that allows 
users to write their own applications to supplement 
those supplied by TCP/IP. 


stream. A continuous sequence of data elements 
being transmitted, or intended for transmission, in 
character or binary-digit form, using a defined format. 


stubs. (1) A program module that transfers remote 
procedure calls and responses between a client anda 
server. Stubs perform marshalling, unmarshalling and 
data format conversion. Both clients and servers have 
stubs. The NIDL Compiler generates client and server 
stub code from an interface definition. (2) Hooking 
functions used as extensions to the protocol to gen- 
erate protocol requesis for X Window System. 


subagent. In the SNMP architecture, a subagent pro- 
vides an extension to the functionality provided by the 
SNMP agent. 
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subdirectory. A directory contained within another 
directory in a file system hierarchy. 


subnet. A networking scheme that divides a single 
logical network into smaller physical networks to sim- 
plify routing. 


subnet address. The portion of the host address that 
identifies a subnetwork. 


subnet mask. A mask used in the IP protocol layer to 
separate the subnet address from the host portion of 
the address. 


subnetwork. Synonymous with subnet. 


synchronous. (1) Pertaining to two or more processes 
that depend on the occurrences of a specific event such 
as common timing signal. (2) Occurring with a regular 
or predictable time relationship. See asynchronous. 


T 


TALK. An interactive messaging system that sends 
messages between the local host and a foreign host. 


task manager. The OS/2 function that controls the 
starting and stopping of programs, including shutting 
down the system. 


TCP. Transmission Control Protocol. 


TCP/IP. Transmission Control Protocol/Internet Pro- 
tocol. 


Telnet. The Terminal Emulation Protocol, a TCP/IP 
application protocol for remote connection service. 
Telnet allows a user at one site to gain access to a 
foreign host as if the user’s terminal were connected 
directly to that foreign host. 


TFTP. Trivial File Transfer Protocol. 


ticket. Encrypted information obtained from a 
Kerberos authentication server or a ticket-granting 
server. A ticket authenticates a user and, in conjunc- 
tion with an authenticator, serves as permission to 
access a service when presented by the authenticated 
user. 


ticket-granting server. Grants Kerberos tickets to 
authenticated users as permission to access an 
end-service. 


token. Ina local network, the symbol of authority 
passed among data stations to indicate the station tem- 
porarily in control of the transmission medium. 


token ring network. A ring network that allows 
unidirectional data transmission between data stations 
by a token-passing procedure over one transmission 


medium, so that the transmitted data returns to the 
transmitting station. 


Transmission Control Protocol (TCP). The TCP/IP 
layer that provides reliable process-to-process data 
stream delivery between nodes in interconnected com- 
puter networks. TCP assumes that IP (Internet Pro- 
tocol) is the underlying protocol. 


Transmission Control Protocol/internet Protocol 
(TCP/IP). A suite of protocols designed to allow com- 
munication between networks regardless of the tech- 
nologies implemented in each network. 


TRAP. An unsolicited message that is sent by an 
SNMP agent to an SNMP network management station. 


Trivial File Transfer Protocol (TFTP). A TCP/IP appli- 
cation primarily used to transfer files among personal 
computers. TFTP allows files to be sent and received, 
but does not provide any password protection or direc- 
tory capability. 


U 


UDP. User Datagram Protocol. 


unmarshall. To copy data from an RPC packet. Stubs 
perform unmarshalling. See also marshall. 


user. A function that utilizes the services provided by 
aserver. A host can be a user and a server at the 
same time. See client. 


User Datagram Protocol (UDP). A packet-level pro- 
tocol built directly on the IP layer. UDP is used for 
application to application programs between TCP/IP 
hosts. 


V 


VM. Virtual Machine. 


W 


WAN. Wide area network. 


well-known port. A port number that has been preas- 
signed for specific use by a specific protocol or applica- 
tion. Clients and servers using the same protocol 
communicate over the same well-known port. 


wide area network (WAN). A network that provides 
communication services to a geographic area larger 
than that served by a local area network. 


window. An area of the screen with visible boundaries 
through which a panel or portion of a panel is dis- 
played. 
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working directory. The directory in which an applica- X 
tion program is found. The working directory becomes 


the current directory when the application is started. 
re XDR. eXternal Data Representation. 
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